Comments
Project 'Gridstrike' Finds Substations To Hit For A US Power Grid Blackout
Newest First  |  Oldest First  |  Threaded View
Brian.365
50%
50%
Brian.365,
User Rank: Apprentice
1/11/2016 | 7:32:23 PM
Probably much more vulnerability out there....
Years back, I did an interesting study on a theoretical terrorist attack to San Onofre Generating Station in Southern California, before new units of the nuclear power plant came on line. I got all the info I needed from the public library and the Environmental Impact Report. Although it is now in the process of decommissioning, back in 1980's it appeared to be very vulnerable to sabotage and terrorism.  The ocean intake cooling tubes were wide open and could easily be compromised. Without adequate cooling water the plant would have been toast. My only credentials to do such a study is that I was a commercial diver a few years prior.
Leati
50%
50%
Leati,
User Rank: Apprentice
1/11/2016 | 4:35:48 PM
Re: Correction?
No, it's okay
sbarry71
50%
50%
sbarry71,
User Rank: Apprentice
1/7/2016 | 4:08:43 PM
Correction?
"He will speak publicly for the first time about the Gridstrike research next week at the S4x2016 ICS/SCADA conference in Miami."

 

Pretty sure I attended a webinar about the report January 13th of 2015.


New Cold Boot Attack Gives Hackers the Keys to PCs, Macs
Kelly Sheridan, Staff Editor, Dark Reading,  9/13/2018
Yahoo Class-Action Suits Set for Settlement
Dark Reading Staff 9/17/2018
RDP Ports Prove Hot Commodities on the Dark Web
Kelly Sheridan, Staff Editor, Dark Reading,  9/17/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: In Russia, application hangs YOU!
Current Issue
Flash Poll
How Data Breaches Affect the Enterprise
How Data Breaches Affect the Enterprise
This report, offers new data on the frequency of data breaches, the losses they cause, and the steps that organizations are taking to prevent them in the future. Read the report today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-7929
PUBLISHED: 2018-09-18
Huawei Mate RS smartphones with the versions before NEO-AL00D 8.1.0.167(C786) have a lock-screen bypass vulnerability. An attacker could unlock and use the phone through certain operations.
CVE-2018-7991
PUBLISHED: 2018-09-18
Huawei smartphones Mate10 with versions earlier before ALP-AL00B 8.0.0.110(C00) have a Factory Reset Protection (FRP) bypass vulnerability. The system does not sufficiently verify the permission, an attacker uses a data cable to connect the smartphone to the computer and then perform some specific o...
CVE-2018-14641
PUBLISHED: 2018-09-18
A security flaw was found in the ip_frag_reasm() function in net/ipv4/ip_fragment.c in the Linux kernel from 4.19-rc1 to 4.19-rc3 inclusive, which can cause a later system crash in ip_do_fragment(). With certain non-default, but non-rare, configuration of a victim host, an attacker can trigger this ...
CVE-2018-14642
PUBLISHED: 2018-09-18
An information leak vulnerability was found in Undertow. If all headers are not written out in the first write() call then the code that handles flushing the buffer will always write out the full contents of the writevBuffer buffer, which may contain data from previous requests.
CVE-2018-16958
PUBLISHED: 2018-09-18
An issue was discovered in Oracle WebCenter Interaction Portal 10.3.3. The ASP.NET_SessionID primary session cookie, when Internet Information Services (IIS) with ASP.NET is used, is not protected with the HttpOnly attribute. The attribute cannot be enabled by customers. Consequently, this cookie is...