Items Tagged with "Infrastructure"


7fef78c47060974e0b8392e305f0daf0

ICS-CERT: WellinTech KingSCADA Insecure Password Encryption

May 10, 2012 Added by:Infosec Island Admin

Researchers Alexandr Polyakov and Alexey Sintsov from DSecRG identified an unsecure password encryption vulnerability in WellinTech KingSCADA application. When KingSCADA OPCServer and OPCClient are not on the same node, a remote attacker may obtain passwords to the system...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

Join ICS-CERT on the US-CERT Secure Portal

May 09, 2012 Added by:Infosec Island Admin

One of the best kept secrets in the critical infrastructure world is the US-CERT secure portal, a web-based platform that provides a mechanism for secure, unclassified information exchange between government agencies and the private sector asset owners and operators...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Planning for a Cyber Incident?

May 08, 2012 Added by:Infosec Island Admin

Organizations without an existing incident response capability should consider establishing one. To aid control systems owners and operators, the CSSP has prepared a Recommended Practice: Developing an Industrial Control Systems Cybersecurity Incident Response Capability...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

DHS: National Preparedness Report and Cybersecurity

May 08, 2012

Cyber attacks have increased significantly in number and sophistication resulting in the Federal Government and private sector partners expanding their cybersecurity efforts. US-CERT reported an over 650-percent increase in the number of incidents reported by federal agencies...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

US Gas Pipeline Companies Under Major Cyber Attack

May 07, 2012 Added by:Headlines

“Analysis of the malware and artifacts associated with these cyber attacks has positively identified this activity as related to a single campaign from a single source. It goes on to broadly describe a sophisticated 'spear-phishing' campaign..."

Comments  (1)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Getting Started Securing Industrial Assets

May 04, 2012 Added by:Infosec Island Admin

Over the past year significant discoveries in the areas of adversarial capabilities have identified that many companies across the 18 critical infrastructure and key resources (CIKR) are struggling to cope with the growing threats. Efforts have been taken to defend critical assets...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

DHS: Industrial Control Systems Threats Increasing

May 03, 2012 Added by:Headlines

“We pay particular attention to industrial control systems. We’re seeing a troubling increase in the threats and the vulnerabilities associated with those. But we are making progress on that, I think,” DHS deputy undersecretary for cybersecurity Mark Weatherford said...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Five Conversations that will Shape Your Cloud Security Model

May 03, 2012 Added by:Rafal Los

We need to move away from the control model into a governance model and acknowledge we're not going to have control over all of our risk. Any notion that you have control is a delusion. Assuming that if you control the environment you have better security is a fallacy...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: The Role of Fusion Centers

May 03, 2012 Added by:Infosec Island Admin

ICS-CERT recommends that industrial control systems owners and operators contact their local fusion center to better understand the role of their fusion center in supporting the private sector in critical infrastructure protection and cybersecurity...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

National Collegiate Cyber Defense Competition (NCCDC)

May 01, 2012 Added by:Infosec Island Admin

"The Department of Homeland Security is proud to be one of the sponsors of this competition that took place over the course of three days and focused on the operational aspects of securing and defending a 'commercial' network infrastructure..."

Comments  (0)

4289a029dd052b867dafc6cdf5bde53b

Procrastination in Cybersecurity Legislation

April 29, 2012 Added by:Michelle Valdez

Congress is procrastinating with regards to cybersecurity legislation. The debates will continue about regulation and authorities and privacy rights but in the end, we all need to come together and find the best way to share threat data so that we can protect critical networks...

Comments  (0)

B64e021126c832bb29ec9fa988155eaf

Cybersecurity Legislation Needed to Prevent Inevitable Attack

April 28, 2012 Added by:Dan Dieterle

U.S. networks would be much stronger if companies enforced standard security procedures. My question is why hasn’t critical infrastructure entities already implemented it? And why would we need more legislation passed to force them to do it, when it should already be done?

Comments  (1)

03b2ceb73723f8b53cd533e4fba898ee

Iran vs. The West: Cyberwar or Media Hype?

April 27, 2012 Added by:Pierluigi Paganini

The growing tension between Iran, the U.S. and Israel does not bode well, however the reports persistently circulated on the Internet don't add anything new to a scenario that has long been known. Iran has long understood how strategic a strong presence in cyber space is...

Comments  (0)

201d6e4b7cd0350a1a9ef6e856e28341

Are ICS Vendors Really to Blame for Insecure Systems?

April 27, 2012 Added by:Joe Weiss

The implication is that vendors aren’t interested in securing their legacy products. I do know that many ICS vendors supporting the electric industry are frustrated because the utilities may not be required to actually secure these systems to be NERC CIP compliant...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: RuggedCom Weak Cryptography Vulnerability

April 27, 2012 Added by:Infosec Island Admin

ICS-CERT is aware of a public report of a default backdoor user account with a password with trivial encoding affecting RuggedCom RuggedSwitch and RuggedServer devices using Rugged OS. The vulnerability is exploitable by generating a password from known data about the device...

Comments  (0)

A966b1b38ca147f3e9a60890030926c9

LIGHTS: Addressing Cybersecurity for Smaller Facilities

April 26, 2012

Watch the roundtable launch of the LIGHTS program from April 24. LIGHTS Chair Chris Blask opens with a presentation on major issues facing industrial facilities, then is joined by Energysec's Steve Parker, Joel Langill a.k.a. SCADAHacker, and AWWA's Kevin Morley and Gary Sturdavan...

Comments  (1)

Page « < 2 - 3 - 4 - 5 - 6 > »