SCADA
Defining the Qualities of Cyber Warfare
February 14, 2013 Added by:Jarno Limnéll
Cyber warfare is one of the hottest topics currently trending in newsfeeds and, although many are quick to use the term, not everyone fully understands the concept.
Comments (1)
Time to Speak Up on New IF-MAP Specs for ICS and SCADA Security
February 12, 2013 Added by:Eric Byres
Something I believe industry urgently needs is better standards for information exchange between security solutions. Unfortunately while TCG has had feedback from the IT community, they have received little from the SCADA or ICS community. I encourage everyone involved with SCADA and ICS security to review the specification.
Comments (0)
Bit9 Suffers Breach After Failing to Follow Corporate Policy
February 11, 2013 Added by:Steve Ragan
If you need a one off example this week of why internal policies are important, or why failure to adhere to them could spell trouble, look no further than Bit9.
Comments (0)
Network Security Dark Space: What You Don’t Know Can Hurt You
February 11, 2013 Added by:Infosec Island
Dark space is everywhere – it’s a major challenge to security teams everywhere. The good news is the problem can be solved, and complete coverage can be achieved.
Comments (0)
New York Times Attacks Show Need For New Security Defenses
February 01, 2013 Added by:Infosec Island
The recent attacks against the New York Times allegedly carried out by the Chinese military highlight the importance of layered security to protect sensitive systems and data.
Comments (0)
SCADA Security Directions for 2013 - How Will ICS and SCADA Security Change in 2013?
February 01, 2013 Added by:Eric Byres
You see, every January I get asked to make between three and five predictions for the upcoming year. Then every December people remind me that I made those predictions 12 months ago. Then they get to tell me how poorly I did.
Comments (0)
Security Analytics: Hype or Huge?
February 01, 2013 Added by:Simon Moffatt
This complex chain of correlated "security big data", can be used in a manner of ways from post-incident analysis and trend analytics as well as for the mapping of internal data to external threat intelligence. Big data is here to stay and security analytics just needs to figure out the best way to use it...
Comments (0)
The Case for National Cyber Labs
January 31, 2013 Added by:Don Eijndhoven
Cyber Ranges as these networks are now often referred to, are fun! And they’re extremely useful in developing real-world skills without disappearing behind bars. It’s not even a new idea; various militaries have been doing it for a while now...
Comments (0)
UPnP Security Flaws Expose 40-50 Million Networked Devices
January 29, 2013 Added by:Infosec Island
Researchers at Rapid7 have uncovered that roughly 40-50 million network-enabled devices are at risk due to vulnerabilities in the Universal Plug and Play (UPnP) protocol.
Comments (0)
Trojans for the Bundestag – German PD acquired Finfisher
January 29, 2013 Added by:Don Eijndhoven
German political platform NetzPolitik.org has now uncovered secret documents belonging to the Ministry of Finance, that the Ministry of the Interior sent to the Bundestag (the political seat of Germany) that reveals the German Federal Police’s intention to use Gamma Group’s Finfisher spyware...
Comments (0)
Common Sense Cybersecurity
January 13, 2013 Added by:Larry Karisny
We start with one big problem. Internet architecture was never made for security. One of my earliest articles quoted the father of the Internet Vint Cerf by saying, "One of things incumbent on all of us is to introduce strong authentication into the fabric of the smart grid. We did not do that with the Internet."
Comments (0)
A New Way of Detecting Cybersecurity Attacks
January 04, 2013 Added by:Larry Karisny
Current IDS solutions have high instances of false positives and true negatives and are extremely costly to maintain. Current IDS solutions were not designed for today's hyper connected business processes with high volume of instances. Attempting to detect misuse or anomalous behaviors requires infinite numbers of rules, patterns or algorithms, which is not possible, and is therefore the cause of ...
Comments (0)
Perfect Citizen, US vulnerability assessment program on critical infrastructures
January 02, 2013 Added by:Pierluigi Paganini
CNET web site has published a news on a secret National Security Agency program named Perfect Citizen that is targeting on large-scale the control systems inside utilities, including power grid and gas pipeline controllers, with the purpose to discover security vulnerabilities.
Comments (0)
Stuxnet is Back! No, new agencies have misunderstood
December 27, 2012 Added by:Pierluigi Paganini
Everytime news related to Stuxnet is spread on the Internet, immediately the worldwide security community writes on cyber war and the possible consequences of a cyber attacks, but what is really happening this time?
Comments (0)
Cybersecurity and 'Smart Encryption'
December 20, 2012 Added by:Larry Karisny
Paul “Prem” Sobel is a Cal Tech MS in electrical engineering and has dedicated a 40-year career to protecting mission-critical systems. He worked with IBM, NASA, Northrop and Intel before launching MerlinCryption LLC. In this edited interview, Sobel discusses security technologies and critical infrastructure vulnerabilities...
Comments (0)
Proactive defense, humans or machines… that’s the question
November 27, 2012 Added by:Pierluigi Paganini
Cyber conflicts are characterized by the necessity of an immediate cyber response to the incoming cyber threats, in many cases the reaction must be instantaneous to avoid the destruction of assets and resources. The human factor could represent an element of delay...
Comments (0)
- Managing My Company’s Security is a Nightmare
- Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way
- The Evolution of Industrial Control System Information Sharing
- ATM Security (And Really Learning from the Past)
- Complimentary IT Security Resources [May 13, 2013]
- Steps Toward Weaponizing the Android Platform
- Mobile Security Processes Could Be Applied to Medical Devices: Bluebox
- The Emperor Is Naked!
- Infographic: Keeping Web Applications Safe
- Do You Have a Vendor Security Check List? You Should!