Network Security
Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way
May 16, 2013 Added by:Francis Cianfrocca
Despite years of engineering, programming, reverse engineering, product development and a generous amount of FUD-driven marketing, the information security industry (loosely defined as representing the forces of good) lags far behind the innovation and sophistication of modern malware perpetrated by the forces of evil.
Comments (0)
The Evolution of Industrial Control System Information Sharing
May 16, 2013 Added by:Anthony M. Freed
The Industrial Control Systems Cyber Emergency Response Team, or ICS-CERT, recently issued an advisory warning of an elevated risk of cyber-based attacks against companies that are tasked with administering systems that control elements of our nation’s critical infrastructure.
Comments (0)
Do You Have a Vendor Security Check List? You Should!
May 09, 2013 Added by:Michael Fornal
A security check list is a list of security controls that a vendor or application must meet. These controls can range from how storage back up is to be done, to password complexity requirements. Having a checklist can help you in deciding if the application or vendor conforms to your company’s security requirements.
Comments (0)
Resilience ‒ The way to Survive a Cyber Attack
May 07, 2013 Added by:Jarno Limnéll
In reality, a well-prepared cyber attack does not need to last for 15 minutes to succeed. After preparations it takes only seconds to conduct the attack which may hit targets next door as well as those on the other side of the world.
Comments (0)
SCADA and ICS Cyber Security - Facing the Facts
May 05, 2013 Added by:Eric Byres
In the past, the main reason for securing a SCADA/ICS network was to protect against inadvertent network incidents or attacks from insiders. The risk of an external malicious cyber-attack was considered minimal.
Comments (0)
On Dutch Banking Woes and DDoS Attacks
April 25, 2013 Added by:Don Eijndhoven
If you don't live in the Netherlands or don't happen to have a Dutch bank account, you can certainly be forgiven for not having caught wind of the major banking woes that have been plaguing the Dutch.
Comments (0)
Google: Black Hat or White Hat?
April 23, 2013 Added by:Larry Karisny
Google has a perfect opportunity to be a leader in cybersecurity. Google’s recent network -- and acquisitions and hires -- in Austin, Texas, is an opportunity to do security right the first time.
Comments (1)
New Approaches for Blocking Zero-Day Exploits to Prevent APTs
April 16, 2013 Added by:George Tubin
Cybercriminals continue to develop new methods to bypass security controls in order to install malware on corporate endpoints. An endpoint protection approach that provides both effectiveness and manageability must begin with an understanding of the attack vectors that require mitigation.
Comments (1)
Securing SCADA Systems - Why Choose Compensating Controls?
April 12, 2013 Added by:Eric Byres
This week, Eric looks at the pros and cons of using compensating controls as an alternative to patching, and discuss the requirements for success.
Comments (0)
Attack Vector Undefined: Dismantling ‘Defense in Depth’ through Power Grid.
April 12, 2013 Added by:Mikko Jakonen
Well, before COTS (Commercial Off The Shelve) came popular in military and other organizations thinking their security, this could have been avoided. Nowadays, very difficult. Even in trailers. You still need only one computer making possible to interact with others – in many different NETs existing :)
Comments (0)
Applied Cyber Security and the Smart Grid: Implementing Security Controls into the Modern Power Infrastructure
April 09, 2013 Added by:Ben Rothke
In Applied Cyber Security and the Smart Grid: Implementing Security Controls into the Modern Power Infrastructure, authors Eric Knapp and Raj Samani provide and excellent overview on what the smart grid is and how it can be secured.
Comments (1)
Making Patching Work for SCADA and Industrial Control System Security
April 05, 2013 Added by:Eric Byres
Applying patches is a critical part of good security. According to US-CERT, about 95% of all network intrusions could have been avoided by keeping systems up to date with appropriate patches. What I am against is patching as a knee-jerk reaction to security vulnerabilities. You can’t expect your control system to operate reliably if you don’t have a controlled process for patching.
Comments (0)
Protect Data Not Devices?
April 05, 2013 Added by:Simon Moffatt
As the devices becomes smarter, greater emphasis is placed on the data and services those devices access. Smartphones today come with a healthy array of encryption features, remote backup, remote data syncing for things like contacts, pictures and music, as well device syncing software like Dropbox. How much data is actually specifically related to the device?
Comments (0)
ICS-CERT Alerts of Mitsubishi MX SCADA Vulnerability
April 03, 2013 Added by:Steve Ragan
ICS-CERT has issued a warning this week after vulnerability details concerning Mitsubishi’s MX Component started to gain attention online.
Comments (0)
SCADA and ICS Security Patching: The Good, the Bad and the Ugly
March 26, 2013 Added by:Eric Byres
Let's examine the good, the bad and the ugly details of patching as a means to secure SCADA and ICS systems. And to begin, let’s suppose patches could be installed without shutting down the process...
Comments (1)
Installing Kali Linux on a Raspberry Pi and Connecting to it Remotely
March 19, 2013 Added by:Dan Dieterle
Kali is the newest version of the Backtrack security penetration testing Linux platform. Wouldn’t it be cool if you could run Kali from a $35 Raspberry Pi computer? This tutorial explains how to install Kali Linux on a Raspberry Pi.
Comments (0)
- Improving Security by Failing Faster
- BYOD: Should It Be the Wave of the Future?
- Trend Micro Discovers "SafeNet" - a New Targeted Espionage Operation Online
- Managing My Company’s Security is a Nightmare
- Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way
- The Evolution of Industrial Control System Information Sharing
- ATM Security (And Really Learning from the Past)
- Complimentary IT Security Resources [May 13, 2013]
- Steps Toward Weaponizing the Android Platform
- Mobile Security Processes Could Be Applied to Medical Devices: Bluebox