Blog Posts Tagged with "Infrastructure"

03b2ceb73723f8b53cd533e4fba898ee

Iranian Bank Accounts Hacked: A Cyber Warfare Hypothesis

April 17, 2012 Added by:Pierluigi Paganini

Banking is a vital component of a country, it is considered in every cyber strategy as critical infrastructure. If a country is attacked so that its financial institutions fail it would produce an environment for other cyber and military operations, a typical cyberwar scenario...

Comments  (0)

B64e021126c832bb29ec9fa988155eaf

All the Lights Will Not Go Out in a Cyber Attack

April 17, 2012 Added by:Dan Dieterle

One of the biggest threats that you hear is that hackers could take out the power grid and all the power would be shut off. America would be thrown back to the power stone age in the flick of a switch (or a series of SCADA exploits). But is this true? The answer is no...

Comments  (5)

A966b1b38ca147f3e9a60890030926c9

Information Sharing and the ICS-ISAC

April 15, 2012 Added by:Chris Blask

The topic of information sharing has become one of the most interesting in finding “The Solution” to ICS security. Aspects securing industrial control systems – including timing, technology and workforce – suggest that answers lie less in technology and more in Robert’s Rules...

Comments  (2)

03b2ceb73723f8b53cd533e4fba898ee

Botnets a Growing National Security Concern

April 13, 2012 Added by:Pierluigi Paganini

There is no clear line between cybercrime and cyber warfare, and botnets are a serious threat with tremendous offensive potential. Through a botnet it is possible to attack the nerve centers of a country, and isolated attacks can target critical infrastructure...

Comments  (1)

201d6e4b7cd0350a1a9ef6e856e28341

Misconceptions about Aurora: Why Isn't More Being Done

April 13, 2012 Added by:Joe Weiss

The 2007 Aurora test at the Idaho National Laboratory demonstrated that if someone can gain access to a controller, the attacker will cause physical damage. As Aurora is a gap in protection of the electric grid, one way to prevent an Aurora attack is by hardware mitigation...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: MICROSYS PROMOTIC Vulnerability POC

April 13, 2012 Added by:Infosec Island Admin

Researcher Luigi Auriemma identified and released proof of concept code (POC) for a use after free vulnerability in the MICROSYS, spol. s r.o. PROMOTIC application wgich may result in adverse conditions ranging from the corruption of valid data to the execution of arbitrary code...

Comments  (0)

37d5f81e2277051bc17116221040d51c

Cyber Security Legislation: What Does it Mean for Citizens?

April 12, 2012 Added by:Robert Siciliano

Members of Congress have recognized the need for increased security and introduced approximately fifty bills in the last session. The proposed legislation is focused on improving cyber security for citizens, critical infrastructure, and the Federal Government’s own networks...

Comments  (1)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: 3S-Software CoDeSys Improper Access Control

April 10, 2012 Added by:Infosec Island Admin

ICS-CERT is aware of a public report of improper access control vulnerability affecting 3S-Software CoDeSys which could allow an attacker can upload unauthenticated configuration changes to the PLC which may include arbitrary code...

Comments  (0)

201d6e4b7cd0350a1a9ef6e856e28341

Meetings with DOD and Congress on SCADA Security

April 09, 2012 Added by:Joe Weiss

I was asked by DOD how to get an organization to address OT security. The only chance for OT security to succeed is if senior management drives it. There are only a few utilities whose senior management mandated they be secure not just compliant. What a sorry commentary...

Comments  (1)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Wago IPC Multiple Vulnerabilities

April 09, 2012 Added by:Infosec Island Admin

Multiple vulnerabilities affecting the WAGO IPC 758-870, which is an embedded Linux programmable logic controller (PLC)could allow an attacker to gain unauthorized access or to make unauthenticated configuration changes, which may include arbitrary code...

Comments  (0)

A966b1b38ca147f3e9a60890030926c9

LIGHTS Webinar: Cybersecurity Across Critical Infrastructures

April 08, 2012 Added by:Chris Blask

LIGHTS is a private-private non-profit partnership which provides a collaborative space to promote cybersecurity situational awareness across critical infrastructures. The goal of LIGHTS is to increase visibility into threats by making security monitoring ubiquitous...

Comments  (0)

94ae16c30d35ee7345f3235dfb11113c

Cybersecurity Problems Found in Electrical Infrastructure

April 07, 2012 Added by:Joel Harding

DOE is in charge of locating and fixing critical infrastructure problems within the energy sector. Do they, in turn, report to DHS if it has to do with critical infrastructure? Does DHS oversee DOE’s cybersecurity problems, their critical infrastructure problems or...?

Comments  (2)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: ABB WebWare Server Buffer Overflow

April 06, 2012 Added by:Infosec Island Admin

Researchers have identified a buffer overflow vulnerability in multiple components of the ABB WebWare Server application which if exploited could lead to a denial-of-service for the application and privilege escalation or could allow an attacker to execute arbitrary code...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

NIST Workshop on SCADA - ICS Security

April 05, 2012 Added by:Headlines

Securing against unlawful and malicious attacks is especially vital when the computers control major physical systems—manufacturing plants, transportation systems, power grids. Cybersecurity for physical systems is the topic of an upcoming NIST workshop...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Invensys Wonderware Buffer Overflow Vulnerability

April 02, 2012 Added by:Infosec Island Admin

Researchers identified two buffer overflow vulnerabilities in the WWCabFile component of the Wonderware System Platform, and successful exploitation of these vulnerabilities will cause a buffer overflow that may allow remote code execution...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Rockwell Automation FactoryTalk Vulnerability

March 29, 2012 Added by:Infosec Island Admin

Researchers have identified two vulnerabilities that may result in a denial-of-service (DoS) condition in the Rockwell Automation FactoryTalk (FT) application which if successfully exploited may result in a Denial of Service condition...

Comments  (0)

Page « < 3 - 4 - 5 - 6 - 7 > »