Rating is available when the video has been rented.
This feature is not available right now. Please try again later.
Published on Oct 3, 2012
What do critical infrastructure vendors Siemens/RuggedCom and Belden/GarrettCom have in common? Aside from being big names in a $3.7b industrial networking market, they both have serious vulnerabilities as EXPOSED by Cylance, Inc.
In this episode, Stuart McClure, lead author of the Hacking Exposed series and Founder/CEO of Cylance, Inc. is joined by Cylance, Inc. researcher Justin W. Clarke. The first exploit shown is a demo on how a simple guest account in GarrettCom's MNS-6K software can be easily escalated to an administrator level in less than 5 minutes. They also discuss in-depth and give a LIVE demo of how to reverse hard-coded SSL private keys from RuggedCom's "Rugged Operating System" (ROS.) Since these devices are "hardened" and used by power plants and other such critical infrastructure, the implications are drastic.