August 27, 2014 Added by:Dan Dieterle
According to the report, a security audit of NOAA’s Information Technology security program found serious security issues with the JPSS Ground System which gathers information from weather satellites and provides it to worldwide users.
August 26, 2014 Added by:Patrick Oliver Graf
Flipping through any consumer publication that rates vehicles, you’ll see all the metrics you would expect – from safety and performance (acceleration, braking, etc.) to comfort, convenience and fuel economy. What you won’t find is an assessment of the car’s risk of being remotely hacked.
August 21, 2014 Added by:Identropy
An identity management implementation project will often extend 18-36 months based on the size and complexity of the organization. This is an extraordinary amount of time for any project sponsor to maintain passion around the project.
August 21, 2014 Added by:Joe Weiss
August 19th, I spent a day with the NERC Critical Infrastructure Protection (CIP) Version 5 Drafting team working on one of the NERC CIP Standards. The focus was on boundary protection, not on the actual control system devices and serial communications which were explicitly excluded.
August 20, 2014 Added by:Tripwire Inc
In our third and final post of this series, Tripwire’s Vulnerability and Exposure Research Team (VERT) highlights four more unnecessary risks that often appear in even the most secure networks.
August 19, 2014 Added by:Patrick Oliver Graf
If awards were given out at Black Hat 2014, one nominee for “Exploit of the Conference” would have won in a runaway – the “BadUSB” exploit.
August 14, 2014 Added by:Patrick Oliver Graf
It’s Groundhog Day all over again for retailers, following the U.S. Department of Homeland Security’s warning that they could, once again, be exploited by malicious actors.
August 13, 2014 Added by:Joe Weiss
There is still a prevailing view that control system cyber security is not real and the cost of addressing it is not commensurate with the 'benefits'.
August 11, 2014 Added by:Patrick Oliver Graf
During wartime, information can create just as much of an advantage for one side as the size of an army or the weapons they hold. That is, as long as this information is accurate, passed along to the right people and then acted upon quickly.
August 07, 2014 Added by:Anton Chuvakin
As I’ve written many times, SIEM is a “force multiplier”, but this definition implies that you have something to multiply. If you have 0 capabilities, a purchase of a SIEM tool will still leave you at – you guessed it!—0.
August 07, 2014 Added by:Joe Weiss
As with the other papers, the paper chairs reflect the upper strata in political Washington. Unfortunately, like the other papers, there is a lack of control system expertise that has been applied even though I was told more than 200 people worked on the paper.
August 06, 2014 Added by:Dan Dieterle
Recently I was talking with a Retail Point of Sale (POS) software expert and was told how a POS system was hacked by an attacker that had gained access to the network through a video security system.
July 31, 2014 Added by:Cyphort
Since the first report on Havex RAT’s involvement with Industrial Control Systems (ICS) emerged last month, ICS operators were reminded to what extent malware authors will go to intrude their systems.
Making Sense of Split Tunneling ... Caring Match on 08-28-2014
Top 10 Jobs For Criminal Hackers... Philip Miller on 08-28-2014
Fake YouTube Site Targets Activists with Mal... Miscall Kulop on 08-27-2014