Anyone in #infosec have a shortlist of SCADA CVEs? Parsed from ics-cert or something?
-
-
Replying to @mroytman
@mroytman@ebellis Just mirrored and parse the CVEs from all the ICS advisories: http://rud.is/dl/ics-cve.txt not sure if they are all SCADA…1 reply 0 retweets 0 likes -
Replying to @hrbrmstr
@hrbrmstr@ebellis boom! awesome start - wanted to see what exploit availability/traffic looks like inside the "SCADA dmz" /cc@suburbsec2 replies 0 retweets 0 likes -
Replying to @mroytman
@mroytman@ebellis@suburbsec also, 'egrep -io "CVE[0-9\-][0-9\-]*" *' is ur bff1 reply 0 retweets 0 likes -
Replying to @hrbrmstr
@hrbrmstr@ebellis@suburbsec but not for long, MITRE's future, it's coming on, it's coming on...1 reply 0 retweets 0 likes -
Replying to @mroytman
@mroytman@ebellis@suburbsec rly rly rly resisting the urge to graph vuln counts by year from that list :-)1 reply 0 retweets 0 likes -
Replying to @hrbrmstr
@hrbrmstr@ebellis@suburbsec don't worry - I'll graph live vulns by year... just don't think we have enough scada clients...yet2 replies 0 retweets 0 likes -
Replying to @mroytman
@mroytman@ebellis@suburbsec :-) somehow i doubt this is a full/accurate list, tho. gotta be vulns in 2002-5/7.pic.twitter.com/nyYCyBHLM6
2 replies 0 retweets 0 likes -
Replying to @hrbrmstr
@hrbrmstr@ebellis@suburbsec@attritionorg has something to say about this - his RVASec talk has the answers - ICS-CERT is a 2009 creation1 reply 0 retweets 0 likes
@mroytman @hrbrmstr @ebellis @suburbsec ICS-CERT and CVE are incomplete on SCADA. http://bit.ly/18gYFez (172 w/o CVE)
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.