Items Tagged with "Infrastructure"
January 12, 2017 Added by:Nathan Wenzler
Any security program can benefit immediately by reviewing internal policies, improving the metrics used to measure their program's success, and consulting with legal counsel to ensure proper insurances and other risk mitigation plans are in place.
October 25, 2012 Added by:Stefano Mele
The Office of the Auditor General of the Canada revealed in an audit made public October 23 that "the cyber threat environment is evolving more rapidly than the Canada government´s ability to keep pace"...
September 27, 2012 Added by:Dan Dieterle
What would you do if the lights suddenly went out? Where would you get news from? Or more importantly water? Keep cool or get heat? Though many disregard warnings about critical infrastructure attacks what if the worst did happen, would you be prepared?
September 26, 2012 Added by:Pierluigi Paganini
A possible Iranian cyber offensive against US banks has been discussed recently, and immediately denied by government of Teheran. Financial institutions are targets for a cyber attacks, as the banking system is a critical asset for a nation and its paralysis could damage economic activities...
August 28, 2012 Added by:Joel Harding
So what is cyberwar? Most people feel that some country is going to launch attacks against another, trying to blind their military, mute the government and make life incredibly miserable for their citizens. If the attack is successful, part of the economic base will probably be permanently destroyed...
August 25, 2012 Added by:Tripwire Inc
One area that seems to be ignored is the infrastructure that supports increasingly cloud dependent mobile devices, possibly due to many not seeing server exploits and defenses as anything new. However, as the popularity of mobile devices push services such as the iCloud, exposure increases exponentially...
August 22, 2012 Added by:Pierluigi Paganini
Incidents like this are bound to increase, as attacks by political groups and governments are occurring with increasing frequency, and it is a miracle that so far there has been no loss of life. But in the near future, every company and agency will need to prepare for such events in order to avoid catastrophic consequences...
August 21, 2012 Added by:Bill Gerneglia
Those who have labeled COBOL ‘a dying language’ should reconsider. With COBOL supporting the majority of the world’s businesses, it is impossible to dispute its viability in the enterprise. It remains a cornerstone of business-critical applications and has successfully navigated through each computing generation...
August 07, 2012 Added by:Larry Karisny
From securing Intrusion Prevention Systems (IPS) that now must securely encrypt the new end point of nano sensors chip sets to Intrusion Detection Systems (IDS) that must now be able to view real time event anomalies and business processes, this discussion showed the need for security technology change...
August 03, 2012 Added by:Infosec Island Admin
Researchers Carlos Mario Penagos Hollmann of IOActive, Michael Messner, and Luigi Auriemma have separately identified multiple vulnerabilities in Sielco Sistemi’s Winlog application. These vulnerabilities can be remotely exploited. Exploit code is publicly available for these vulnerabilities...
July 23, 2012 Added by:Bob Radvanovsky
I am quickly growing weary of the fact that individuals claiming to be "cybersecurity" or "critical infrastructure" subject-matter experts (or "SMEs"), are indicating that adherence to a regulatory requirement or compliance governance means that something is "secured". Let's get one thing straight...
July 23, 2012 Added by:Infosec Island Admin
ICS-CERT has received a report from OSIsoft concerning a stack-based buffer overflow in the PI OPC DA Interface software that could cause the software to crash or allow a remote attacker to execute arbitrary code. This vulnerability was discovered during a software assessment requested by OSIsoft and funded by DHS...
July 20, 2012
"Critical infrastructure is increasingly vulnerable to cyber threats... The destruction or exploitation of critical infrastructure through a cyber attack, whether a nuclear power plant, a region’s water supply, or a major financial market, could cripple our economy, our national security... We must act now..."
July 16, 2012 Added by:Stefano Mele
"Survivability, resilient, enduring, and effective communications, both domestic and international, are essential to enable the executive branch to communicate... Such communications must be possible under all circumstances to ensure national security, effectively manage emergencies, and improve national resilience..."
July 16, 2012 Added by:Infosec Island Admin
Researchers have notified ICS-CERT of a directory traversal and weak credential storage vulnerability with proof-of-concept exploit code for Tridium Niagara AX Framework software that is exploitable by downloading and decrypting the file containing the user credentials from the server...
July 15, 2012 Added by:Ben Rothke
Protecting “systems and assets, whether physical or virtual, so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety, or any combination of those matters”...