US-CERT

201d6e4b7cd0350a1a9ef6e856e28341

Generation (Nuclear and Fossil) Cyber Incidents Continue to Occur and Nobody is Connecting the Dots

January 22, 2015 Added by:Joe Weiss

I have seen few attempts to provide guidance to end-users about common issues with control system cyber incidents that transcend industries and even national boundaries. The following was a result of a discussion with a relevant entity about a domestic fossil plant cyber incident and its commonality to several other plant cyber incidents.

Comments  (0)

201d6e4b7cd0350a1a9ef6e856e28341

The NERC CIP's Are Not Making the Grid More Secure or Reliable

January 20, 2015 Added by:Joe Weiss

The North American Electric Corporation (NERC) Critical Infrastructure Protection (CIP) cyber security standards were developed to increase the cyber security and reliability of the electric grid. Unfortunately, they are not doing either.

Comments  (0)

E595c1d49bf4a26f8e14ce59812af80e

The Risk Within: Could an Ex-Employee Be Responsible for the Sony Hack?

January 19, 2015 Added by:Patrick Oliver Graf

One month ago, we asked, “What network security lessons can we learn from the Sony attack?” Since then, new information has been slow to trickle out, save for the FBI’s mid-December statement that assigned responsibility to the North Korean government.

Comments  (1)

E313765e3bec84b2852c1c758f7244b6

How to Avoid Getting Phished

January 14, 2015 Added by:Brent Huston

It’s much easier for an attacker to “hack a human” than “hack a machine”. This is why complicated attacks against organizations often begin with the end user.

Comments  (0)

F45df53d99605d46f5ae32b7bed9fe22

Does Your Valuable Data Belong to Hackers?

January 05, 2015 Added by:Thu Pham

Every organization, regardless of size, is comprised of a variety of sensitive data - from HR and payroll handling medical, financial and personally identifiable employee data to your precious intellectual property. And each of these data types can be sold for a price on the black market, making them valuable to attackers financially as well as for blackmail purposes.

Comments  (5)

6a71825dbf6d876764b845e0fd664e0b

Moving from Alert-Driven to Intelligence-Driven Security

January 05, 2015 Added by:Paul Lipman

The emergence of smart, integrated, cloud-based security services will enable a transformation from an alert-centric to an intelligence-centric approach to security. This will vastly enhance the Chief Information Security Officer's (CISO’s) visibility and ultimately deliver substantial improvements in the robustness of the overall security posture.

Comments  (1)

Fc152e73692bc3c934d248f639d9e963

Forensic Examinations And Facts

December 23, 2014 Added by:PCI Guru

I am watching the news reports on the Sony breach and laughing at all of the “facts” that are being bandied about. I want to use the Sony breach as a teachable moment and explain that the “facts” may not be as factual as represented by the media, forensic examiners or even the FBI.

Comments  (1)

201d6e4b7cd0350a1a9ef6e856e28341

Aurora and DHS - a Misleading Response to a Significant Mistake

December 22, 2014 Added by:Joe Weiss

With all of the focus on cyber security one could expect that DHS is doing a credible job in helping to protect our country. Unfortunately, that may not be the case.

Comments  (1)

03b2ceb73723f8b53cd533e4fba898ee

Grinch Bug Could be Worse Than Shellshock, Says Experts

December 17, 2014 Added by:Pierluigi Paganini

The flaw resides in the authorization system in Linux which allows privilege escalation through the wheel.

Comments  (1)

6a71825dbf6d876764b845e0fd664e0b

Security in 2015: The Internet Becomes the Corporate Network Perimeter

December 05, 2014 Added by:Paul Lipman

The cloud has been widely hailed as the most disruptive force in modern business. Indeed, the world is in the midst of fundamentally profound transformations, enabled by the cloud, in the ways in which we access and interact with data and applications. Unfortunately, the security industry has not kept pace with these transformational trends, necessitating an equally profound change in the way we s...

Comments  (0)

201d6e4b7cd0350a1a9ef6e856e28341

Iran Attacking Critical Infrastructures - Cylance Report

December 04, 2014 Added by:Joe Weiss

This is not an “I told you so” note. It is a note expressing concern that our critical infrastructure organizations such as NERC, FERC, NRC, NEI, AWWA, and others do not appear to be taking this threat seriously.

Comments  (0)

D36d0936f0c839be7bf2b20d59eaa76d

Phones, Phablets and Clouds - Securing Today’s New Infrastructure

December 03, 2014 Added by:Steve Durbin

Despite the undeniable corporate and consumer interest, the security and privacy implications of cloud and mobile connected devices are concerning many security professionals. Countless organizations are still playing catch up – Bring Your Own Device (BYOD) polices are only starting to be embedded, reviewed and updated. IT departments are overwhelmed with the amount of devices entering the workp...

Comments  (1)

E595c1d49bf4a26f8e14ce59812af80e

The Three Human Failures Behind Remote Access Shortcomings

November 26, 2014 Added by:Patrick Oliver Graf

Whenever news of a network security breach reaches the public airwaves, observers are quick to assign blame to some combination of technological shortcomings and human error that allowed an attacker to slip through the victim’s cyber defenses.

Comments  (5)

Bd07d58f0d31d48d3764821d109bf165

3 Internet of Things Security Nuances You May Not Have Considered

November 25, 2014 Added by:Tripwire Inc

There’s a lot of work to do, but we’re at least focused on giving IoT a fair shot at being the poster child of security and not the antithesis of it.

Comments  (3)

201d6e4b7cd0350a1a9ef6e856e28341

The Arrogance of the US Nuclear Power Industry - We Don't Want to Look at Everything

November 17, 2014 Added by:Joe Weiss

In today’s environment with nuclear plants being prime cyber targets, industry should be looking at more not less.

Comments  (0)

E313765e3bec84b2852c1c758f7244b6

Data Breaches are a Global Problem

November 06, 2014 Added by:Brent Huston

For those of you who maybe just thought that data breaches were only happening against US companies, and only by a certain country as the culprit, we wanted to remind you that this certainly isn’t so.

Comments  (4)

Page « < 1 - 2 - 3 - 4 - 5 > »
Most Liked