Items Tagged with "Infrastructure"


7fef78c47060974e0b8392e305f0daf0

DOE: Twenty-One Steps to Improve SCADA Security

June 05, 2012

Action is required by all organizations to secure their SCADA networks as part of the effort to protect the nation’s critical infrastructure. The President’s Critical Infrastructure Protection Board and the Department of Energy have developed steps to help organizations improve SCADA security...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

Cybersecurity Outlook: 2012 Summer Olympic Games

June 04, 2012

Scams, malware campaigns and attacks will continue to grow in scale and complexity as the 27 July opening ceremony in London draws near. Event organizers, sponsors and British authorities continue to increase their physical and cybersecurity awareness as the event approaches...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Cyberwar Threats and Critical Infrastructure Vulnerabilities

May 31, 2012 Added by:Headlines

"Targeted attacks are increasing dramatically. It could be state sponsored or it could be just hacktivists or it could be a cyber criminal organisation. But we know the number one target is government institutions and the second is manufacturing, including oil and gas..."

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Measuresoft ScadaPro DLL Hijack Vulnerability

May 29, 2012 Added by:Infosec Island Admin

Independent researcher Carlos Mario Penagos Hollmann identified a remotely exploitable, uncontrolled search path element vulnerability, commonly referred to as a DLL hijack, in Measuresoft’s ScadaPro application which may lead to arbitrary code execution...

Comments  (0)

A966b1b38ca147f3e9a60890030926c9

On Air Gaps and Killer Toothbrushes

May 28, 2012 Added by:Chris Blask

Air gaps do not and should not exist. Patching vulnerabilities won't make systems secure. Standards and regulations are here to stay. The threat will surpass our ability to tolerate it long before we can re-engineer and re-deploy every vulnerable system. These are all just facts...

Comments  (2)

C4363f41d25c216c53c8d71a1ac44a90

Notes on Electromagnetic Pulse (EMP) in US, UK, NL

May 22, 2012 Added by:Matthijs R. Koot

In 2009, there was a discussion on a forum for pilots about an article that argued that a commercial aircraft could be brought down by DIY EMP bombs. Also in 2009, the U.S. Patent Application for an Electromagnetic pulse (EMP) hardened information infrastructure was filed...

Comments  (1)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: From the Trenches - A Tabletop Exercise

May 22, 2012 Added by:Infosec Island Admin

Incident response is critical. During a real incident, you don’t want to discover major gaps in policy/procedure and/or technology tools. The collaboration that occurs during the exercise helps to understand the roles and responsibilities that each of us have during cyber attacks...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Former DHS Director Sean Paul McGurk Joins ICS ISAC

May 22, 2012 Added by:Headlines

Malware such as Stuxnet and Duqu have led to the recognition of broader systemic vulnerabilities within critical infrastructure which until recently have been largely disconnected. Addressing the resiliency of these systems must occur at technical, organizational and policy levels...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Protecting SCADA Systems with Air Gaps is a Myth

May 21, 2012 Added by:Headlines

Speaking at AusCERT, SCADA security expert Eric Byres stated that “the whole concept of trying to protect SCADA systems with air gaps is a myth" perpetuated by those who believe "bad things will never happen to the control systems..."

Comments  (7)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Advantech ISSymbol ActiveX Buffer Overflow

May 21, 2012 Added by:Infosec Island Admin

Researchers have identified multiple buffer overflow vulnerabilities in the Advantech Studio product that could allow an attacker to cause buffer overflows, which in turn can allow arbitrary execution code. An exploit code is known to exist that targets these vulnerabilities...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

SCADA Security: Consequences and Difficulty with Incentives

May 18, 2012 Added by:Rafal Los

Here's the problem - when it comes to critical infrastructure protection it's very difficult to legislate and regulate the organizations that matter into a state of better security. The problem is that in order to enforce policy and rules there either have to be consequences to failing, or incentives not to fail - or both...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Kaspersky Warns of Critical Infrastructure Vulnerabilities

May 18, 2012 Added by:Headlines

“It’s not possible to protect. Stuxnet told us that modern systems are not protected... SCADA could be very easy victims – the result of an attack could be like Stuxnet but everywhere... [We] need to understand the danger of cyber-weapons and of cyber-war to ruin national infrastructure..."

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Wonderware Unicode String Vulnerability

May 17, 2012 Added by:Infosec Island Admin

ICS-CERT is aware of a public report identifying an unallocated Unicode string vulnerability with proof-of-concept exploit code that affects the Invensys Wonderware SuiteLink service which could allow an attacker to remotely crash older versions of the service...

Comments  (0)

8a958994958cdf24f0dc051edfe29462

Smart Grid Security: An Inside View from Patrick C. Miller

May 16, 2012 Added by:Larry Karisny

A March survey revealed that two-thirds energy security professionals think smart-grid projects do not adequately deal with security threats. Larry Karisny interviewed Patrick C. Miller, president and CEO of EnergySec, about the survey and the subject of smart-grid security...

Comments  (0)

C4363f41d25c216c53c8d71a1ac44a90

Dutch MoD Innovation Competition 2012: CYBER Operations 2.0

May 16, 2012 Added by:Matthijs R. Koot

The Dutch Ministry of Defense's (MoD) annually issues a "Defense Innovation Competition" is a competition that is intended to get input from and foster relations with Dutch industry and SME. This year's theme is "CYBER Operations 2.0"...

Comments  (0)

5106d48203954b74e6ea495e5c7f21b0

No National 'Stand Your Cyberground' Law Please

May 14, 2012 Added by:William Mcborrough

We know that some attacks on our privately owned critical infrastructure have been attributed to foreign government networks. Would it be wise to license companies to attack these networks? The last thing we need is an international incident started by some SysAdmin..

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »