Pages

Friday, August 21, 2015

Positive Technologies helps to eliminate critical vulnerabilities in Siemens and Schneider Electric SCADA systems


Ilya Karpov, a Positive Technologies expert, detected vulnerabilities in products intended for building automation systems in various industries — from petrochemical to power plants.

Ilya found a problem related to clear-text password storage in Schneider Electric systems — InTouch Machine Edition 2014 (version 7.1, Service Pack 3, Patch 4) and InduSoft Web Studio (7.1.3.4), as well as in their previous builds. The vulnerability that got the CVE-2015-1009 identifier and 6.4 base mark though cannot be exploited remotely requires only a low-qualified internal attacker.

Friday, August 14, 2015

The eagerly awaited Gartner Web Application Firewall Magic Quadrant is released




For the first time our application firewall product, PT AF™, has been named a ‘visionary’ in the Gartner "Magic Quadrant for Web Application Firewalls" report. We are ecstatic that Gartner recognized Positive Technologies for its ability to innovate and outperform in the WAF market particularly as we are a new entrant to this Magic Quadrant. It is very rewarding to be recognized for a compelling vision and credited with demonstrating a strong capability to protect business applications, notably SAP.  We are delighted that the Gartner report also noted that our partners and customers speak highly of both our responsiveness and of the quality of our technical support as looking after our customers is key to our overall company vision and core to everything we do.

Wednesday, July 22, 2015

Digital Substation Takeover: Contest Overview


Digital Substation Takeover, presented by iGRIDS, was held at PHDays V. The contest's participants tried themselves in hacking a real electrical substation designed according to IEC 61850. The general task was to perform a successful attack against the electrical equipment control system.

Best Reverser Write-Up: Analyzing Uncommon Firmware



While developing tasks for PHDays’ contest in reverse engineering, we had a purpose of replicating real problems that RE specialists might face. At the same time we tried to avoid allowing cliche solutions.

Monday, July 6, 2015

The MiTM Mobile Contest: GSM Network Down at PHDays V


Although we have published several research works on cell phone tapping, SMS interception, subscriber tracking, and SIM card cracking, lots of our readers still regard those stories as some kind of magic used only by intelligence agencies. The MiTM Mobile contest was held at PHDays for the first time, and it let the participants realize how easily an attacker can conduct the above-mentioned attacks having only a 10$ cell phone with some hacker freeware.

Friday, July 3, 2015

PHDays V Highlights: Signs of GSM Interception, High Time to Hack Wi-Fi, Future of Encryption


Technological singularity is expected in 15 years at best, but Positive Hack Days transition is happening right now. The fifth forum had a record attendance – over 3,500 visitors, which is comparable to the leading international hacker conferences, and the number of talks, sessions, and various activities surpassed one hundred. The incredible and exciting contests involved hacking spaceships, power plants, ATMs, and railway companies. More Smoked Leet Chicken became the winning champion of this year’s CTF, showing their best at stock exchange speculation. Congratulations! A detailed write-up about that is coming soon. Right now let’s focus on a number of recommendations and tips that impressed us most of all during the 2-day hacker marathon that took place in World Trade Center on May 26-27.

Wednesday, June 3, 2015

WAF Bypass at Positive Hack Days V


As it did last year, the PHDays forum on information security hosted WAF Bypass this year as well. The contest's participants tried to bypass the protection of PT Application Firewall, Positive Technologies' product. For this contest, the organizers developed the site Choo Roads, which contained common vulnerabilities, such as Cross-Site Scripting, SQL Injection, XML External Entities Injection, Open Redirect. Upon exploiting one of the vulnerabilities, a participant obtained a flag in the MD5 format and gained points. MD5 flags could be found in the file system, database, and cookie parameters and detected by a special bot that was developed by using Selenium.