Earlier today the DHS ICS-CERT published an update to their
HeartBleed (okay OpenSSL Vulnerability) Alert that was issued
and updated
earlier this week. They have also provided a link to an FBI “Private Industry
Notification” that provides Snort signatures for detecting exploits of the
HeartBleed vulnerability.
The updated alert (Version ‘B’)
points at the FBI Snort document. It also provides a link to the free ‘Snort
Community Rules’ that were updated today (presumably with HeartBleed
signatures).
The alert also reports that there are ‘additional indicators
of compromise’ available on the Control Systems compartment of the US-CERT
secure portal. You might want to check those out.
While I don’t have access to the Secure Portal, I certainly
would recommend anyone running an industrial control system consider requesting
access. There are too many times that the really good information (I hope it is
really good) is kept under limited distribution for legitimate reasons.
“ICS-CERT encourages U.S. asset
owners and operators to join the Control Systems compartment of the US-CERT
secure portal. Send your name, e-mail address, and company affiliation to ics-cert@hq.dhs.gov.”
Posts
No comments:
Post a Comment