CVE-2020-10611 - RCE in a flawed DNP3 Implementation
S4x20 hosted the Pwn2Own Miami hacking competition this year, and one of the more interesting and impactful results was a bug chain leading to remote code execution (RCE) in the Triangle Microworks (TMW) SCADA Data Gateway. The Zero Day Initiative who puts on these competitions recently released a detailed writeup (and video) of the bugs and the exploit. Achieving code execution on the Triangle MicroWorks SCADA Data Gateway - details (and video!
Binding Rust to other languages safely and productively
When we made the decision to write our next generation of libraries in Rust, we knew we needed a solid approach for binding them to other languages. It may be some time before we have customers purchasing our libraries to use them in a Rust-only codebase. The majority of our customers will want to use the libraries in C/C++, .NET, or Java. Writing the core implementation in Rust means more productivity, fewer errors, and certain safety guarantees compared to writing it in C++.