Blog Posts Tagged with "ICS"

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: What does a Cyber Attack Feel Like?

April 26, 2012 Added by:Infosec Island Admin

The free ICS Advanced Cybersecurity training offers step-by-step guidance on network discovery, exploitation, defense, and detection. After the 3 full days of classroom instruction participants are armed with an arsenal of cyber attack and defense tools and techniques...

Comments  (0)

B64e021126c832bb29ec9fa988155eaf

All the Lights Will Not Go Out in a Cyber Attack

April 17, 2012 Added by:Dan Dieterle

One of the biggest threats that you hear is that hackers could take out the power grid and all the power would be shut off. America would be thrown back to the power stone age in the flick of a switch (or a series of SCADA exploits). But is this true? The answer is no...

Comments  (5)

A966b1b38ca147f3e9a60890030926c9

Information Sharing and the ICS-ISAC

April 15, 2012 Added by:Chris Blask

The topic of information sharing has become one of the most interesting in finding “The Solution” to ICS security. Aspects securing industrial control systems – including timing, technology and workforce – suggest that answers lie less in technology and more in Robert’s Rules...

Comments  (2)

94ae16c30d35ee7345f3235dfb11113c

Cybersecurity Problems Found in Electrical Infrastructure

April 07, 2012 Added by:Joel Harding

DOE is in charge of locating and fixing critical infrastructure problems within the energy sector. Do they, in turn, report to DHS if it has to do with critical infrastructure? Does DHS oversee DOE’s cybersecurity problems, their critical infrastructure problems or...?

Comments  (2)

69dafe8b58066478aea48f3d0f384820

NIST Workshop on SCADA - ICS Security

April 05, 2012 Added by:Headlines

Securing against unlawful and malicious attacks is especially vital when the computers control major physical systems—manufacturing plants, transportation systems, power grids. Cybersecurity for physical systems is the topic of an upcoming NIST workshop...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Invensys Wonderware Server Multiple Vulnerabilities

April 04, 2012 Added by:Infosec Island Admin

Researchers have identified multiple vulnerabilities in the Invensys Wonderware Information Server which if exploited could allow denial of service, information disclosure, remote code execution, or session credential high jacking. Invensys has developed a security update...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Invensys Wonderware Buffer Overflow Vulnerability

April 02, 2012 Added by:Infosec Island Admin

Researchers identified two buffer overflow vulnerabilities in the WWCabFile component of the Wonderware System Platform, and successful exploitation of these vulnerabilities will cause a buffer overflow that may allow remote code execution...

Comments  (0)

201d6e4b7cd0350a1a9ef6e856e28341

What is Aurora and Why is it a Risk to Grid Reliability?

March 29, 2012 Added by:Joe Weiss

Aurora is a gap in the protection of the electric grid. It is a basic physics property - an out-of-phase condition that cannot be seen by the operator and can NOT be addressed by traditional mitigation. The only means to prevent an Aurora event is by physical hardware mitigation...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Rockwell Automation FactoryTalk Vulnerability

March 29, 2012 Added by:Infosec Island Admin

Researchers have identified two vulnerabilities that may result in a denial-of-service (DoS) condition in the Rockwell Automation FactoryTalk (FT) application which if successfully exploited may result in a Denial of Service condition...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Increasing Threat to Industrial Control Systems

March 21, 2012 Added by:Infosec Island Admin

ICS-CERT is monitoring an increase in a combination of threats that increase the risk of control systems attacks. These include Internet accessible ICS configurations, vulnerability and exploit tool releases, and increased interest and activity by hacktivist groups and others...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

Understanding Industrial Control System Vulnerabilities

March 21, 2012 Added by:Infosec Island Admin

A mission-critical control system is typically configured in a fully-redundant architecture allowing quick recovery from loss of various components in the system. A backup control center is used in more critical applications to provide a secondary control system...

Comments  (0)

296634767383f056e82787fcb3b94864

An Open Source Methodology to Attack Critical Infrastructure

March 20, 2012 Added by:Jeffrey Carr

Attackers with moderate skills can cause disruption to outright destruction of critical infrastructure at low cost and in short order. Contrary to popular wisdom, an attack against a nuclear power or hydro-electric plant doesn't require the resources of a nation state...

Comments  (0)

201d6e4b7cd0350a1a9ef6e856e28341

Does DoE Know the Difference Between IT and Control Systems?

March 20, 2012 Added by:Joe Weiss

In September 2011 DOE issued the first draft of the Electricity SubSector Cybersecurity Risk Management Process document for comments. The document essentially equated IT and ICS. Doesn't DOE understand the difference between IT and Control Systems?

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Windows Remote Desktop Protocol Vulnerability

March 20, 2012 Added by:Infosec Island Admin

ICS-CERT is aware of a public report of a Remote Desktop Protocol (RDP) vulnerability, which with successful exploitation in the control systems environment could lead to system processes freezing and potentially allow remote code execution...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: GE Intelligent Platforms Proficy Historian Data Advisory

March 15, 2012 Added by:Infosec Island Admin

ICS-CERT received a report from GE Intelligent Platforms concerning a memory corruption vulnerability in the GE Intelligent Platforms Proficy Historian Data Archiver could allow an attacker to cause the service to crash, and may lead to arbitrary code execution...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: GE Intelligent Platforms Proficy Plant Vulnerability

March 14, 2012 Added by:Infosec Island Admin

ICS-CERT received a report concerning multiple memory corruption vulnerabilities in the GE Intelligent Platforms Proficy Plant Applications which could allow an attacker to cause multiple Proficy services to crash, which may lead to arbitrary code execution...

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »