Blog Posts Tagged with "Stuxnet"
What are Cyber Weapons?
March 14, 2012 Added by:Dan Dieterle
"Instruments of code-borne attack span a wide spectrum, from generic but low-potential tools to specific but high-potential weaponry. This distinction brings into relief a two-pronged hypothesis that stands in stark contrast to some of the received wisdom on cyber-security..."
Comments (0)
A Stuxnet Drinking Game
March 12, 2012 Added by:Joel Harding
If one deconstructs Stuxnet down to its basic functions, nothing is new - but in its execution, success and the huge publicity of its discovery, Stuxnet is a finely manufactured weapon which I expect will be duplicated in its functionality many, many times...
Comments (0)
Smart Grid Network Security Spending to Reach $14 Billion
March 12, 2012 Added by:Headlines
"Utilities have – as many predicted – realized that their grids are no longer isolated or protected from attackers. Smart grids need intelligence or they are not smart. Adding that intelligence to grids will increase their attack surface and utilities know this..."
Comments (0)
Are DOE and DHS Helping to Secure the Infrastructure or Not?
March 08, 2012 Added by:Joe Weiss
DOE and the utilities are in an effort to secure the Grid. Yet the utilities voted down Version 5 of the NERC CIPs. Many of the devices that have been demonstrated to be vulnerable would not be addressed by NERC. Who is responsible for protecting critical infrastructure?
Comments (0)
MS08_068 + MS10_046 = FUN UNTIL 2018
March 06, 2012 Added by:Rob Fuller
If you are on an internal penetration test and either exploit a machine or find an open share, you can create an LNK file with an icon that points at a nonexistent share on your attacking machine's IP...
Comments (0)
Observations from RSA, BSides, and GABA
March 03, 2012 Added by:Joe Weiss
Stuxnet was being discussed by many without understanding the controller aspect. Most vendors were using technologies developed for monitoring IT networks and applying them to the SCADA networks. There were very few vendors that were addressing the field controllers...
Comments (0)
The Cyber Arms Race: Casting Shadows on the Future
March 01, 2012 Added by:Pierluigi Paganini
We are confronted with a new arms race for cyber weapons, and as governments around the world compete for innovation, a cultural revolution is occurring in nations which have been considered minor, and which are now nearly on par superpowers like the U.S. and China...
Comments (0)
Antivirus Ban for Iran: A Controversial Penalty
February 20, 2012 Added by:Pierluigi Paganini
Iran will be banned from the purchase of antivirus systems, a technological embargo with clear implications for the Stuxnet virus attacks and the need to prevent further infections to control systems for critical infrastructures, namely their nuclear programs...
Comments (0)
Iran Successfully Eradicates Stuxnet Virus Infestation
February 15, 2012 Added by:Headlines
"I would assume that once Iran learned of Stuxnet, then intelligence agencies looked at this method of cyber attack as compromised regardless of how long it has taken Iran to neutralize it. It is a cat and mouse game..."
Comments (0)
Iran Remains Defiant in Confronting Cyber Attacks
February 14, 2012 Added by:Headlines
"Iranian experts possess adequate knowledge to confront cyber threats. All nuclear facilities in the country are immune from cyber attacks... Many viruses are produced in the world every day... there has been no destructive impact inside the country," said Gholam-Reza Jalali...
Comments (1)
What's More Important - Vulnerabilities or Actual Incidents?
February 13, 2012 Added by:Joe Weiss
To at least some of us in the control systems community these vulnerabilities are not unexpected. The fact that many of these systems are also connected to the Internet as Eireann Leverett demonstrated is also not new, even though the numbers of control system connected to the Internet are striking.
Comments (0)
Hidebound Governments Unprepared for Cyber Threats
February 05, 2012 Added by:James Colbert
“Even if they brilliantly secure their networks, the greatest threat that organizations face is that they are still vulnerable if their minimum wage security guards are disgruntled or their physical access control systems can be easily bypassed...”
Comments (0)
Stuxnet: Are We Safe Now? Of Course Not...
January 31, 2012 Added by:Pierluigi Paganini
We are fighting with an invisible enemy. We are under attack, and we have no idea of the potentiality of agents that theatrically could remain in stealth mode inside the target, avoiding security systems for several years, gathering information and preparing the final attack...
Comments (0)
The Implications of Malware-as-a-Service
January 25, 2012 Added by:Pierluigi Paganini
Criminal operations are managed as corporations and malware is designed as a service, with a maniacal attention paid to product quality. The life cycle is the most amazing aspect: From design, release, to after sales support - each stage is implemented with care and attention...
Comments (0)
Duqu: The Worst May Come for Critical Infrastructure
January 04, 2012 Added by:Pierluigi Paganini
The modular nature of Duqu should cause us to jump from our chairs. It is reasonable to assume that Duqu is a work in progress, and the ability to change its structure at different times using modules designed specifically for precise goals makes this malware unique and formidable...
Comments (0)
Iran, the Cyber Threat... Are We Creating A New Enemy?
January 02, 2012 Added by:Pierluigi Paganini
But are we sure that this is true? No one doubts Iran's capabilities, but there is no doubt that their means and financial resources are nothing compared to those of the U.S., China, Israel and Russia. Although we are faced with a Nation that has fully understood the importance of a cyber strategy, we cannot certainly consider it more offensive than others...
Comments (4)
- Five Things Your InfoSec Team Should Do in the Next 30 Days
- The Disclosure Debate Continues….. (part 1,453, 769) to be Continued
- The Danger of Mixing Cyber Espionage with Cyber Warfare
- Improving Security by Failing Faster
- BYOD: Should It Be the Wave of the Future?
- Trend Micro Discovers "SafeNet" - a New Targeted Espionage Operation Online
- Managing My Company’s Security is a Nightmare
- Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way
- The Evolution of Industrial Control System Information Sharing
- ATM Security (And Really Learning from the Past)