ICS-CERT Publishes an Advisory and an Agenda

Thursday the DHS ICS-CERT published a new advisory for the Cogent Data Hub application and the final draft agenda for the Industrial Control System Joint Working Group’s (ICSJWG) Spring 2016 meeting.

Cogent Advisory

This advisory describes a privilege escalation vulnerability in the Cogent Data Hub application. The vulnerability was reported by Steven Seeley of Source Incite. Cogent has produced a new version of the software to mitigate the vulnerability and Steven has verified the efficacy of the fix.

ICS-CERT reports that an exploit of this vulnerability would require local access and would require an authorized user to load a malformed file. Given those prerequisites, ICS-CERT says that a relatively unskilled attacker could exploit this vulnerability to escalate their access to system level.

ICSJWG 2016 Spring Agenda

The final draft of the agenda for the ICSJWG 2016 Spring Meeting has been published. As I had previously noted, this 3-day meeting will be held in Scottsdale, AZ starting May 3rd, 2016. It looks like a nice mix of presentations in three simultaneous venues. The presentations on the Main stage include:

• How do you know if you are doing enough;
• Building C2M2 and its successful testing at several government and academic institutions;
• Factors that influence the structure of cyber organizations;
• Hands-on demonstration using pre-built wizards;
• NIST Cybersecurity Framework;
• Efforts to develop implementation guidelines in support of the NIST Cybersecurity Framework;
• Meeting the challenge for cyber assurance with UL cap.

There is a forensics workshop that will be taking place the full three days of the Meeting. Each session will last about 30 minutes. “This hands-on technical workshop will allow attendees to learn recommended best practices for performing hard drive and memory captures on a live system. Attendees will work one-on-one with ICSCERT’s Advanced Analytical Laboratory staff to learn techniques used to capture forensic copies for analysis.”

