Network Security
SCADA and ICS Security Patching: The Good, the Bad and the Ugly
March 26, 2013 Added by:Eric Byres
Let's examine the good, the bad and the ugly details of patching as a means to secure SCADA and ICS systems. And to begin, let’s suppose patches could be installed without shutting down the process...
Comments (1)
Installing Kali Linux on a Raspberry Pi and Connecting to it Remotely
March 19, 2013 Added by:Dan Dieterle
Kali is the newest version of the Backtrack security penetration testing Linux platform. Wouldn’t it be cool if you could run Kali from a $35 Raspberry Pi computer? This tutorial explains how to install Kali Linux on a Raspberry Pi.
Comments (0)
SCADA and ICS Security: Welcome to the Patching Treadmill
March 15, 2013 Added by:Eric Byres
After Stuxnet, security researchers and hackers on the prowl for new targets to exploit shifted their efforts to critical industrial infrastructure. Unfortunately, the SCADA and Industrial Control Systems applications they are now focusing on are sitting ducks.
Comments (0)
So APT Is China *snicker* Now What?
February 28, 2013 Added by:Krypt3ia
As RSA comes to a close and the corridors of the hall stop ringing with the acronym APT, I find myself once again looking at the problem as opposed to the hype.
Comments (0)
Symantec Uncovers Earliest Known Version of Stuxnet (Version 0.5)
February 26, 2013 Added by:Mike Lennon
According to Symantec, Stuxnet Version 0.5, an earlier and less sophisticated version of Stuxnet, was designed to close crucial valves that feed uranium hexafluoride gas into the centrifuges, causing serious damage to the centrifuges and the uranium enrichment system as a whole.
Comments (0)
The Blurring of the Business Identity
February 26, 2013 Added by:Simon Moffatt
The concept of a well defined business identity is blurring and this is causing a complex reaction in the area of identity and access management. Internal, enterprise class identity and access management (IAM) has been long defined, as the managing of user access as defined by approval workflows, authoritative source integration and well defined system connectivity.
Comments (0)
APT1: The Good, The Bad, and The Ugly
February 21, 2013 Added by:Krypt3ia
I believe that Mandiant published the APT1 report primarily as a means of advertising and not much else. There is talk of the release being given the tacit nod by the government to push through the idea that there is a problem and that China is robbing us blind.
Comments (2)
iPhones Are Coming to the Plant Floor – Can we Secure Them?
February 20, 2013 Added by:Eric Byres
Like icebergs, mobile technology has become an unstoppable force of nature. They have invaded the corporate office – is the plant floor the next frontier? What is your company doing about mobile devices on the plant floor? Does it have a strategy?
Comments (0)
Opinion: Recent ISACA Study Adds Fuel to the APT Fire
February 18, 2013 Added by:Steve Ragan
Most of the time, attacks considered APTs use 0-Day exploits, or malware that slips past poorly updated AV software, or phishing to compromise a host or organization. There is nothing advanced about attacks like these...
Comments (0)
Defining the Qualities of Cyber Warfare
February 14, 2013 Added by:Jarno Limnéll
Cyber warfare is one of the hottest topics currently trending in newsfeeds and, although many are quick to use the term, not everyone fully understands the concept.
Comments (1)
Time to Speak Up on New IF-MAP Specs for ICS and SCADA Security
February 12, 2013 Added by:Eric Byres
Something I believe industry urgently needs is better standards for information exchange between security solutions. Unfortunately while TCG has had feedback from the IT community, they have received little from the SCADA or ICS community. I encourage everyone involved with SCADA and ICS security to review the specification.
Comments (0)
Bit9 Suffers Breach After Failing to Follow Corporate Policy
February 11, 2013 Added by:Steve Ragan
If you need a one off example this week of why internal policies are important, or why failure to adhere to them could spell trouble, look no further than Bit9.
Comments (0)
DARPA on Cyber Targeted-Attack Analyzer program & micro-satellites
February 11, 2013 Added by:Pierluigi Paganini
Protect the country, population and assets from cyber threats, this is a must for every government, a challenge for every state, new processes, large investment and innovative researches are the topics most debated in this period. Yesterday I wrote about the Russian government and its commitment to strengthen cyber defense, today I desire to introduce how US are trying to improve their cyber capa...
Comments (0)
Network Security Dark Space: What You Don’t Know Can Hurt You
February 11, 2013 Added by:Infosec Island
Dark space is everywhere – it’s a major challenge to security teams everywhere. The good news is the problem can be solved, and complete coverage can be achieved.
Comments (0)
New York Times Attacks Show Need For New Security Defenses
February 01, 2013 Added by:Infosec Island
The recent attacks against the New York Times allegedly carried out by the Chinese military highlight the importance of layered security to protect sensitive systems and data.
Comments (0)
SCADA Security Directions for 2013 - How Will ICS and SCADA Security Change in 2013?
February 01, 2013 Added by:Eric Byres
You see, every January I get asked to make between three and five predictions for the upcoming year. Then every December people remind me that I made those predictions 12 months ago. Then they get to tell me how poorly I did.
Comments (0)
- Brand Damage Through Information Access
- Identity & Access Management: Give Me a REST
- Over-Sharing Riskier than Government Snooping
- 20 Critical Security Controls: Control 13 – Boundary Defense
- Redefining Social Networking
- Creating Your Own Privacy & ROI
- Security Intelligence for the Enterprise - Part 1
- Why are Cybercrimes NOT Always White-collar Crimes?
- From the SMB to Security Guru: Five Ways IT Pros Can Manage Security on a Budget
- Balancing Act Between Privacy and Security