The talk is about SCADA vulnerabilities and exploiting. We will answer some specific questions about SCADA software vulnerabilities with technical details. The questions are; - Why are SCADA applications buggy? - What is the status and impact of the threat? - How do researchers or hackers discover these vulnerabilities? In this talk we will also look at some SCADA vulnerabilities that affects well-known SCADA/HMI vendors, and will show how it's easy to hunt these vulnerabilities via reverse engineering , fuzzing etc. Celil UNUVER Celil Unuver is co-founder & security researcher of SignalSEC Ltd. He is also founder of NOPcon Security Conference. His areas of expertise include Vulnerability Research & Discovery, Exploit Development, Penetration Testing and Reverse Engineering. He has been a speaker at CONFidence, Swiss Cyber Storm, c0c0n, IstSec, Kuwait Info Security Forum. He enjoys hunting bugs and has discovered critical vulnerabilities affect well-known vendors such as Adobe, IBM, Microsoft, Novell etc.