June 12, 2014 Added by:Dan Dieterle
With the mad rush to make things more user friendly and convenient, security is being left aside, even in devices that are being used to protect facilities!
June 11, 2014 Added by:Joe Weiss
The story is that MANY ICSs are connected to the Internet and it isn’t expensive to find them.
June 11, 2014 Added by:Patrick Oliver Graf
Government BYOD is inevitable – IDC predicts that although currently “personal devices make up just 5 percent of the government market, that figure will grow at double-digit rates for the next three years.”
June 05, 2014 Added by:Dan Dieterle
OWASP ZAP is a web application penetration testing tool that has some great features. It is a very easy to use scanner that allows you to do manual or automatic website security checks. In this tutorial we will learn how to use the automatic attack feature.
June 02, 2014 Added by:Tripwire Inc
Executive leadership (including the board member) is not typically interested in operational security details such as answers to questions about specific security control metrics. This information is too detailed and will be viewed as “noise” by those outside the IT and security teams.
June 02, 2014 Added by:Joe Weiss
It's official! The 2014 (the 14th) ICS Cyber Security Conference will be held October 20 – 23, 2014 at the Georgia Tech Hotel and Conference Center in Atlanta.
May 29, 2014 Added by:Dan Dieterle
People trust and share way too much on social media sites, and unfortunately this extends to government employees and military troops around the world.
May 27, 2014 Added by:Tripwire Inc
So the question for us, security professionals and dabblers alike, is how do we make this moment one that makes a difference?
May 22, 2014 Added by:Rob Fuller
Most of the tools to exploit it either catch the authentication in NTLMv2/NTLMv1 (which is not always easy to crack) or assume administrative access (because they attempt to PSEXEC with the incoming session). Well, since MS08-068 that's much harder to pin down.
May 21, 2014 Added by:Joe Weiss
Stuxnet and Aurora utilized design features of the system or controllers to attack physical systems. Stuxnet and Aurora are not traditional network vulnerabilities and cannot be found or mitigated by using traditional IT security techniques.
May 20, 2014 Added by:Electronic Frontier Foundation
Here's how the House version of the USA Freedom Act compares to the Senate's version, what the new House version of the USA Freedom Act does, and what it sorely lacks.
May 13, 2014 Added by:Tripwire Inc
What do we mean when we talk about “hardening systems” to repel exploits and withstand intrusions? Much of this is captured in three simple concepts.
3 Things To Consider When Revisiting Your Ba... james russa on 09-22-2014
Security and Today’s Managed Service Provi... james russa on 09-22-2014
2014 ICS Cyber Security Conference: Register... james russa on 09-22-2014