January 2018 – Important Notice on Microsoft update KB4056896

Update: Survalent is diligently monitoring the situation of the recently announced hardware vulnerabilities, Meltdown and Spectre. As part of our ongoing quality assurance procedures, patch management process, and field deployment activities, we have not observed any negative impact to the […]

https://www.survalent.com/important-notice-on-microsoft-update-kb4056896/

May 2017 – Important Notice on Ransomware Outbreak Targeting Windows SMB Flaw

Update: Last week, a new ransomware was detected by Microsoft that spreads by leveraging vulnerabilities that have been previously fixed. The ransomware identified as WannaCrypt (also known as WannaCry, WanaCrypt0r, WCrypt, or WCRY) used publicly available exploit code for the […]

https://www.survalent.com/important-notice-on-ransomware-outbreak-targeting-windows-smb-flaw/

January 2016 – KillDisk Malware

Overview: Highly destructive malware that infected at least three regional power authorities in Ukraine led to a power failure that left hundreds of thousands of homes without electricity last week, researchers said. The outage left about half of the homes […]

https://www.survalent.com/january-2016-killdisk-malware/

January 2016 – Stuxnet

Overview: Stuxnet specifically targets PLCs controlling industrial centrifuges (which I do not believe BCRTC uses in SCADA) using a vulnerability in Windows USB device handling (which has been corrected for some time). It then propagated across the network, exploiting a […]

https://www.survalent.com/january-2016/

April 2015 – Symantec’s Power Eraser Tool

Overview: Recent media reports about the Beebone/Changeup “malware” may have prompted some computer users to determine if they are affected. One tool for detecting and removing such malware is the Power Eraser from Symantec. Symantec’s Power Eraser Tool may cause […]

https://www.survalent.com/april-2015/

November 2014 – BlackEnergy Malware

Systems Affected: This vulnerability impacts GE Cimplicity, and possibly Advantech/Broadwin WebAccess, and Siemens WinCC. It targets the Cimplicity “.cim” files.

Overview: The US Department of Homeland Security’s Industrial Control System Cyber Emergency Response Team (ICS-CERT) recently released an alert regarding […]

https://www.survalent.com/blackenergy-malware/

October 2014 – Sandworm and SCADA

Systems Affected: Windows PCs running the GE Intelligent Platform’s CIMPLICITY HMI

Overview: These attacks target Microsoft Windows PCs running the GE Intelligent Platform’s CIMPLICITY HMI solution suite with a spear phishing email. The email has a malicious attachment that is […]

https://www.survalent.com/sandworm-and-scada/

October 2014 – “Shellshock” Vulnerability

From the US-CERT Release:

Systems Affected: GNU Bash through 4.3. Linux and Mac OS X systems, on which Bash is part of the base operating system. Any BSD or UNIX system on which GNU Bash has been installed as an […]