A scan for systems allowing remote desktop connections without passwords performed during a Defcon talk about the Masscan tool found a wide variety of system open for anyone with knowledge of the correct IP address, such as access to a hockey rink, a manufacturing plant for a Swedish condiment, hydroelectric plants and a lot more. [more inside]
The Langner Group, based in Germany, has published the most detailed report yet on the Stuxnet malware that was used to sabotage Iran's uranium enrichment efforts. [more inside]
Sunday night 60 Minutes aired a segment on the state of cyber crime & cyber terror which included the extraordinary claim that unknown hackers were behind massive power outages in Brazil in 2005 & 2007. Now Wired Magazine's Threat Level blog says that's just not true. According to two studies (PDF, Portuguese) by the Brazilian government it was buildup of soot on insulators that caused the blackouts, not super-hackers demonstrating their abilities. Is the US Intelligence Community passing around false information to justify its relevance?
"[Vitek] Boden had waged a three-month war against the Scada (Supervisory Control and Data Acquisition) system of Maroochy Water Services in Australia beginning in January 2000, which saw millions of gallons of sewage spill into waterways, hotel grounds and canals around the Sunshine Coast suburb." A 2002 Washington Post story on possible al-Qaeda attacks also mentions the Boden case: "Specialists in cyber-terrorism have studied Boden's case because it is the only one known in which someone used a digital control system deliberately to cause harm."