Cylance Hacks Google Office Building Management System 46
Gunkerty Jeb writes "Industrial control minded researchers from the security firm Cylance launched a custom exploit against a building management system deployed at Google's Sydney, Australia office, gaining access to a configuration file containing device administration passwords that could be used to gain complete control of the device in question. This vulnerability in Tridium's Niagara framework affects an unknown number of organizations aside from Google. In fact, Tridium claims on its website that 'there are over 245,000 instances of the Niagara Framework deployed worldwide.' Cylance said its scans revealed some 25,000 similarly vulnerable systems facing the Internet."
Why??? (Score:2, Funny)
Why is a build management tool doing exposed in the internet?
Amazing... next we will see the temperature controls of nuclear power plants exposed on the internet also...
Re:Why??? (Score:5, Funny)
Why is a build management tool doing exposed in the internet?
Amazing... next we will see the temperature controls of nuclear power plants exposed on the internet also...
No sweat, man, the client-side javacript totally validates the user input to prevent them sending an unsafe control rod configuration back to the server, it's rock solid.
Serious (Score:5, Funny)
Re:No (Score:5, Funny)
But I'll bet they've got a bunch of idiots standing around enormous, complex displays muttering nonsensical 'hacker' terms.
At least that part of the movie was real, right?