433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (727) 493-2351

SilkETW: Because Free Telemetry is…Free!

In the following example, we will collect process event data from the Kernel provider and use image loads to identify Mimikatz execution. We can collect the required data with this command: SilkETW.exe -t kernel -kk ImageLoad -ot file -p C:Usersb33fDesktopmimikatz.json With data in hand it is easy to sort, grep and filter for the properties […]

46 – Innovation, Speeding up Acquisition and Space Enterprise Architecture

Listen to Jeff Rowlison discuss the effort to leverage innovations coming out of the commercial satellite communications industry to support the Warfighter. Hear him discuss the Air Force envisioning the Warfighter roaming from MILSATCOM to COMSATCOM seamlessly, taking advantage of commercial options to accomplish Warfighter missions. Influencing the pace of innovation, the pace of contracting […]

Soldier dies during training

1 / 1 Show Caption + Hide Caption – (Photo Credit: U.S. Army photo) VIEW ORIGINAL FORT BRAGG, N.C. — Sgt. First Class Ethan Carpenter, a reconnaissance specialist assigned to the Regimental Special Troops Battalion, 75th Ranger Regiment, died during routine military free-fall training at a facility in Arizona, March 15, 2019.A native of Trumansburg, […]

AVEVA InduSoft Web Studio and InTouch Edge HMI

1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Low skill level to exploit Vendor: AVEVA Equipment: InduSoft Web Studio, InTouch Edge HMI Vulnerability: Uncontrolled Search Path Element 2. RISK EVALUATION Successful exploitation of this vulnerability could allow execution of unauthorized code or commands. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of AVEVA InduSoft Web […]

Columbia Weather Systems MicroServer

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Columbia Weather Systems, Inc. Equipment: Weather MicroServer Vulnerabilities: Cross-site Scripting, Path Traversal, Improper Authentication, Improper Input Validation, Code Injection 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow disclosure of data, cause a denial-of-service condition, and allow remote code execution. […]

LCDS LAquis SCADA ELS Files

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: LCDS—Leão Consultoria e Desenvolvimento de Sistemas LTDA ME Equipment: LAquis SCADA Vulnerability: Out-of-Bounds Write 2. RISK EVALUATION Successful exploitation of this vulnerability could allow remote code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following version of LAquis SCADA, an industrial automation […]

Gemalto Sentinel UltraPro

1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Low skill level to exploit Vendor: Gemalto Equipment: Sentinel UltraPro Vulnerability: Uncontrolled Search Path Element 2. RISK EVALUATION Successful exploitation of this vulnerability could allow execution of unauthorized code or commands. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Sentinel UltraPro encryption keys are affected: Sentinel […]

PEPPERL+FUCHS WirelessHART-Gateways

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low skill level to exploit/public exploits are available Vendor: PEPPERL+FUCHS Equipment: WirelessHART-Gateways Vulnerability: Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could allow access to files and restricted directories stored on the device through the manipulation of file parameters. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS […]