This afternoon the DHS ICS-CERT updated two alerts that it issued for Rockwell PLC’s last week. The updated alerts (here and here) have the same, single-sentence addition made:
“This vulnerability was discovered by Aditya K. Sood and presented by him at DefCon 2015 in Las Vegas, Nevada, on August 8, 2015.”
This means that all six of the DefCon related alerts that ICS-CERT published last week come from the same talk. Strange that none of the other talks about ICS security matters merited an alert, advisory or update of a previously issued advisory.