Blog Posts Tagged with "Infrastructure"
May 03, 2012 Added by:Rafal Los
We need to move away from the control model into a governance model and acknowledge we're not going to have control over all of our risk. Any notion that you have control is a delusion. Assuming that if you control the environment you have better security is a fallacy...
May 03, 2012 Added by:Infosec Island Admin
ICS-CERT recommends that industrial control systems owners and operators contact their local fusion center to better understand the role of their fusion center in supporting the private sector in critical infrastructure protection and cybersecurity...
May 01, 2012 Added by:Infosec Island Admin
"The Department of Homeland Security is proud to be one of the sponsors of this competition that took place over the course of three days and focused on the operational aspects of securing and defending a 'commercial' network infrastructure..."
April 29, 2012 Added by:Michelle Valdez
Congress is procrastinating with regards to cybersecurity legislation. The debates will continue about regulation and authorities and privacy rights but in the end, we all need to come together and find the best way to share threat data so that we can protect critical networks...
April 28, 2012 Added by:Dan Dieterle
U.S. networks would be much stronger if companies enforced standard security procedures. My question is why hasn’t critical infrastructure entities already implemented it? And why would we need more legislation passed to force them to do it, when it should already be done?
April 27, 2012 Added by:Pierluigi Paganini
The growing tension between Iran, the U.S. and Israel does not bode well, however the reports persistently circulated on the Internet don't add anything new to a scenario that has long been known. Iran has long understood how strategic a strong presence in cyber space is...
April 27, 2012 Added by:Joe Weiss
The implication is that vendors aren’t interested in securing their legacy products. I do know that many ICS vendors supporting the electric industry are frustrated because the utilities may not be required to actually secure these systems to be NERC CIP compliant...
April 27, 2012 Added by:Infosec Island Admin
ICS-CERT is aware of a public report of a default backdoor user account with a password with trivial encoding affecting RuggedCom RuggedSwitch and RuggedServer devices using Rugged OS. The vulnerability is exploitable by generating a password from known data about the device...
April 26, 2012 Added by:Headlines
Cybersecurity experts will testify before Congress today on the high probability that the Iranian government is engaged in building a cyber offensive force geared towards attacks against critical U.S. infrastructure targets including power and water distribution facilities...
April 26, 2012 Added by:Brent Huston
ICS/SCADA owners must strive to clearly identify their needs around cellular technologies, clearly demarcate the requirements for private/segmented/public cellular network use and understand the benefits/issues and threats of what they are utilizing...
April 25, 2012 Added by:Headlines
"Every day nations and 'hacktivist' groups penetrate our public and private computer networks. The degradation of our national security and intellectual property from cyber theft threatens to weaken us where we have been historically strong: in our ingenuity and creativity..."
April 24, 2012 Added by:Infosec Island Admin
Social engineering attempts can be highly targeted and conducted in a way that is much more difficult to detect than the spam and phishing emails we receive in our inbox. Phone-based social engineering attempts were recently experienced at two or more power distribution companies...
April 20, 2012 Added by:Infosec Island Admin
ICS-CERT has received reports detailing several vulnerabilities in Siemens SIMATIC WinCC Human-Machine Interface application which could allow an attacker to log on to a system as a user or administrator with the ability to execute arbitrary code or obtain full access to files...
April 18, 2012 Added by:Infosec Island Admin
Exploitation of the vulnerability allows an attacker to perform malicious actions which may lead to a denial of service condition or possible arbitrary code execution. These actions may ultimately impact the process environment in which the system is deployed...
April 17, 2012 Added by:Pierluigi Paganini
Banking is a vital component of a country, it is considered in every cyber strategy as critical infrastructure. If a country is attacked so that its financial institutions fail it would produce an environment for other cyber and military operations, a typical cyberwar scenario...
April 17, 2012 Added by:Dan Dieterle
One of the biggest threats that you hear is that hackers could take out the power grid and all the power would be shut off. America would be thrown back to the power stone age in the flick of a switch (or a series of SCADA exploits). But is this true? The answer is no...
Mobile Security Processes Could Be Applied t... Johnnie Nix on 05-21-2013
ATM Security (And Really Learning from the P... Johnnie Nix on 05-21-2013
New Study Published on Mobile Malware... Caitlin Rachel on 05-21-2013