Sunday, December 27, 2015

32C3 slides

Slides and video from 32C3 The Great Train Cyber Robbery talk.

SCADAPASS #32C3 Release

Special Chaos Communication Congress release.
List of default password for industrial control systems components.

Kudos to  Oxana Andreeva (

37 vendors.
PLC, RTU, HMI, gateways, switches, servers, wireless ap, etc

Tuesday, December 22, 2015

Now Declared Capabilities

Neat FAQ about hardcoded password in Siemens SIPROTEC 4 protective relay.

"SIPROTEC 4 and SIPROTEC Compact devices allow the display of extended internal statistics and test information... 

Sunday, December 13, 2015

The Great Train Cyber Robbery on #32C3

Christmas is coming and we are excited to visit Chaos Communication Congress in Hamburg and to speak there.

32C3 Fahrplan looks perfect and we hope you will able to visit our talk. It's difficult though because of excellent agenda full of wonderful reports...

Saturday, October 10, 2015

Saturday, September 19, 2015

Huawei advisory for HWPSIRT-2015-05103

Huawei published advisory on Huawei MBB (Mobile Broadband) product E3272s.

It's all about "Bootkit via SMS" research presented at PacSec and HITB by Timur Yunusov, Kirill Nesterov, Alexander Zaitsev.

More info: Huawei-SA-20150817-01-MBB

Huawei states it's a DoS. Let it be the DoS.