The Biggest Hole – Keeps Getting Bigger


It is amazing that, over two years after I wrote my post The SCADA Scandal, the problem still exists.  Nay, it grows larger, seemingly daily.

In a short but succinct post below, which was first posted here and is graciously made available to readers of this blog, Mourad explains:


An Italian security researcher recently revealed details of several vulnerabilities in supervisory control and data acquisition (SCADA) systems from multiple vendors.  Luigi Auriemma (site no longer available) has released details and proof of concept code for 6 vulnerabilities affecting popular SCADA systems.  “Most of the vulnerabilities allow remote code execution, many of them are easy to use,” – says Luigi Auriemma. “At least three vendors have released patches, and Rockwell Automation is working on it right now.”

The affected products are:

  • Beckhoff TwinCAT ‘TCATSysSrv.exe’ Network Packet Denial of Service Vulnerability
  • Rockwell RSLogix Overflow Vulnerability
  • Measuresoft ScadaPro Multiple Vulnerabilities
  • Cogent DataHub Multiple Vulnerabilities
  • AzeoTech DAQFactory Stack Overflow
  • Progea Movicon Multiple Vulnerabilities


It is amazing that we keep finding these holes daily.  Forget Stuxnet and the STARS.  These still exist in the everyday life-support infrastructure and utilities networks we depend on for our very civilization.  How long will they be allowed to exist unmitigated?






This Just In (Twitter) | Twitter Is Down


The good-morning application that is currently everyone’s favorite is down.  This started today at 9:13AM PDT, and was acknowledged by the company shortly thereafter.

Site is down 18 minutes ago

We are determining the cause and will provide an update shortly.


So what are people to do?


The resultant rush to Facebook has slowed down, and in some cases broken, that site.   AJAX errors and network errors are multiplying….

And of course… Flickr has slowed down substantially, and IM networks, especially Yahoo! IM, have slowed down.   I wonder what it does to "real" phone lines – cellular or otherwise.

More on this as it develops….


UPDATE at 11:15 EDT:


Twitter is officially under a DDoS:


Site is down 1 hour ago

We are determining the cause and will provide an update shortly.

Update: we are defending against a denial-of-service attack.


In a related note:  Amazon’s cluster in Washington State and the San Jose Verio Cluster are both much slower than usual.  I wonder what that means to AWS Cloud users.


Update:  11:20 AM… A friend just asked me if it is Cyberwar.   No.  It is Cyberbull.  (TM)


Update: 11:42 AM  Twitter is up.  Slow, but up.

Update: 17:00 PM… I just saw the New York Times publishing an article suggesting that the attack on Twitter et al was from Russia and a part of last year’s conflict with Georgia.



Show me the proof.


I am just waiting to see someone blaming IRAN for it, as payback for Twitter’s role.




10:03 PM EDT Update:  The Register’s Dan Goodin, a fantastic writer that I enjoy, put out this article advancing the theory that the attacks were a) Russian in nature and b)  well… I will let you see his words:

"This was not like a botnet-style DDoS," Woodcock told The Register. "This was a joejob where people were just clicking on links in email and the people clicking on the links were not malefactors. They were just the sort of idiots that click on links in email without knowing what they are."

While, in theory, that is possible, I find it so unlikely as to be laughable.   Imagine all those poor Russians hitting links at the very same time and generating attacks.   Roll eyes.

In addition, to claim that the Internet is fragile enough to allow attacks on the mention of ONE INDIVIDUAL’s blog to bring down some of the biggest bandwidth sites on the web is….. what’s the word…. foolish.


I could be wrong, but since I am already disagreeing with Evgeny (here), I feel fairly certain I am correct.


10:47  It seems to be happening AGAIN.  Both Twitter and LiveJournal are down.   And please none of that cyberbull about Russians getting busy again.