Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
Compare cell phone plans using Wirefly's innovative plan comparison tool ×
IT

Submission + - 10 Hard Truths IT Must Learn To Accept (infoworld.com) 1

snydeq writes: "InfoWorld's Dan Tynan takes a look at the 10 hard truths today's IT organizations must learn to live with. From the proliferation of unsanctioned devices, to compromised networks, to inevitable downtime, to non-self-supporting users, 'the gap between your dreams and cold hard reality just gets wider every day. That doesn't mean you should give up, but it does mean you need to get real about what you can change and what you must accept.'"
Security

Submission + - Many Stuxnet Bugs Still Unpatched by Siemens (threatpost.com)

Trailrunner7 writes: The media storm over the Stuxnet worm may have passed, but many of the software holes that were used by the worm remain unpatched and leave Siemens customers open to a wide range of potentially damaging cyber attacks, according to industrial control system expert Ralph Langner.
Langner said that the media paid too much attention to the four, zero day Windows vulnerabilities that enabled the Stuxnet worm, but overlooked the other security holes used by the worm. Unlike the Windows vulnerabilities, which Microsoft quickly fixed, many of the holes in Siemens' products remain unpatched, he contends.

Langner enumerates three types of exploits used by Stuxnet — only one category of which (Windows operating system exploits) have been closed. The other two are Windows applications exploits aimed at Siemens Siemens Simatic Manager and the Siemens WinCC SCADA application, and controller exploits aimed at Siemens S70-300 and 400 series controllers.

Security

Submission + - Most Vulns Used by Stuxnet Worm Remain Unpatched (threatpost.com)

chicksdaddy writes: The media storm over the Stuxnet worm may have passed, but many of the software holes that were used by the worm remain unpatched and leave Siemens customers open to a wide range of potentially damaging cyber attacks, according to industrial control system expert Ralph Langner.
Writing on his personal blog, Langner said that critical vulnerabilities remain in Windows-based management applications and software used to directly manage industrial controllers by Siemens Inc., whose products were targeted by the Stuxnet worm, Threatpost reports.

Slashdot Top Deals

We cannot command nature except by obeying her. -- Sir Francis Bacon

Working...