Critical Infrastructure Vulnerable to Holes in Chinese SCADA Software | threatpost

The U.S. CERT has issued a security advisory firms using industrial control systems software from the Chinese firm Sunway in the U.S. after a researcher discovered remotely exploitable holes that could be used to knock out or take control systems running the company’s software. The ICS-CERT, the Computer Emergency Readiness Team for the industrial control sector, issued an advisory on June 14 after heap overflow vulnerabilities were discovered in Sunway’s Force Control and pNetPower products by NSS Labs researcher Dillon Beresford.

via Critical Infrastructure Vulnerable to Holes in Chinese SCADA Software | threatpost.

Web too Vulnerable to Potential Attack, Study Suggests | PCWorld

The report revealed that 40 percent of the IT executives surveyed felt that there was in their industry lately. However, nearly 30 percent of the same group of executives said their company networks are unprotected and 40 percent believe that a “major” cyber attack may be imminent within the next year.

The report also noted that the threats to critical infrastructure have increased compared to last year even as efforts to protect the infrastructures have not increased in any way. The new study is a follow-up of last year’s study which already noted that critical infrastructures were not as protected as expected.

Power Grids

via Web too Vulnerable to Potential Attack, Study Suggests | PCWorld.