Critical Infrastructure

Telephonic DoS tied to Ukraine power grid takedown

Telephonic DoS tied to Ukraine power grid takedown

By

More information is being revealed regarding the late December attack on the Ukrainian power grid with reports indicating the attack on the utility was supported by a simultaneous telephonic denial of service (DoS)incident.

ICS-CERT: Manufacturing sees greater share of 2015 critical infrastructure attacks

ICS-CERT: Manufacturing sees greater share of 2015 critical infrastructure attacks

By

A report from the U.S. Department of Homeland Security's Industrial Control Systems Cybersecurity Emergency Response Team (ICS-CERT) noted a rise in reported cyberattacks against critical manufacturing organizations during 2015.

ICS-CERT: U.S. critical infrastructure susceptible to cyberattacks

ICS-CERT: U.S. critical infrastructure susceptible to cyberattacks

By

A senior U.S. official said the direct connection of the industrial control systems (ICS) handling the country's critical infrastructure networks to the internet has led to an uptick in penetrations during the past year.

First major blackout caused by hackers likely due to malware, says SANS

First major blackout caused by hackers likely due to malware, says SANS

By

A cyberattack on a power plant in the Ukraine "demonstrated planning, coordination and the ability to use malware," says SANS.

UK security products market could reach US $1.7 billion in 2019

UK security products market could reach US $1.7 billion in 2019

Almost half of UK businesses plan to increase their ICT spending this year.

U.S. utilities warned to beef up defenses following Ukraine attack

By

Following a cyberattack on a utility provider in the Ukraine, the Electricity Information Sharing and Analysis Center warned its members to improve their network defenses.

South Korea boosts cyberdefenses against the DPRK

South Korea boosts cyberdefenses against the DPRK

By

In the wake of North Korea testing a nuclear device earlier this week, the South Korean military has raised its cybersecurity level as a precautionary measure.

Bill to strengthen cyber defenses passes House

Bill to strengthen cyber defenses passes House

By

A bill to infuse funds into state and local government budgets in order to fight cybercrime unanimously passed the House on Thursday.

Google updates Chrome 47, pays out $100K in bug bounty

Google updates Chrome 47, pays out $100K in bug bounty

By

Google has updated Chrome version 47 and moved it to its stable channel for Windows, Mac and Linux, a move that included 41 patches.

Internet of malicious things: Yale home automation vulnerable

Internet of malicious things: Yale home automation vulnerable

The Yale Home System (Europe) Android application vulnerable to a man-in-the-middle attack due to TLS errors .

Critical infrastructure networks lacking in performance metrics

Critical infrastructure networks lacking in performance metrics

By

Network defense of the nation's critical infrastructure is sorely lacking, according to a report by the Government Accountability Office.

Information disclosure bug patched with VMware update

Information disclosure bug patched with VMware update

By

VMware issued an advisory to patch an information disclosure issue.

Microsoft plans to open two new data centers in Germany

Microsoft plans to open two new data centers in Germany

By

Microsoft reported this week it will deliver several of its Cloud services from two new datacenters in Germany.

Nearly half of fed endpoints remain unprotected, study finds

Nearly half of fed endpoints remain unprotected, study finds

By

A just-released report surveying endpoint security across the federal government highlighted some dire lapses.

White House recruits cybersecurity expert

White House recruits cybersecurity expert

By

The White House has recruited Greg Shannon, a senior member of the IEEE and chief scientist for the CERT division at Carnegie Mellon.

Microsoft Windows subsystem vulnerable to EMET bypass

Microsoft Windows subsystem vulnerable to EMET bypass

By

Microsoft's past success selling software to the masses may end up being its toughest problem going forward as some of this legacy software is now exploitable even though it is supposedly protected, as was determined by researchers at Duo Labs.

U.S. and South Korea to strengthen cybersecurity coordination

U.S. and South Korea to strengthen cybersecurity coordination

By

The U.S. and South Korea announced that the two nations will begin working together to implement stronger cybersecurity strategies.

NYIT Cyber: Panelists discuss physical cyber security

NYIT Cyber: Panelists discuss physical cyber security

By

The New York Institute of Technology 6th Annual Cybersecurity Conference was held on Thursday in Manhattan.

The new mindset for building secure services in the cloud

Security in the cloud is not the same as security in the corporate data center. Different rules and thinking apply when a CISO is trying to secure an infrastructure over which he or she has no physical access.

Mitigation available for flaw in building automation system

Mitigation available for flaw in building automation system

By

Schneider Electric released updated firmware to patch a remotely exploitable vulnerability for its StruxureWare Building Expert building automation system.

Corporate employees using unsecure apps for work: IBM

Corporate employees using unsecure apps for work: IBM

By

When it comes to security many corporate employees are willing to take the risk of using unsecured, third-party apps if it means making their job easier, a new IBM Security study found.

Minimise friction to maximise user satisfaction for user authentication

Designing user authentication systems for applications is often seen as a trade-off between security and the user experience, but Ant Allan at Gartner says it needn't always be thus.

Energy Dept. hacks point to larger procurement, budget issues

Energy Dept. hacks point to larger procurement, budget issues

By

The U.S. Department of Energy's systems were compromised - successfully - more than 150 times in just four years.

Response to cyberespionage debated at Atlantic Council

Response to cyberespionage debated at Atlantic Council

By

Following a number of recent headline-grabbing breaches, a panel of foreign relations experts convened at the Atlantic Council to discuss retaliation against hackers.

Secret NSA map shows Chinese cyberespionage targets in U.S.

By

A secret NSA map was obtained by a news outlet shows the locations of "Victims of Chinese Cyber Espionage" targets based in the U.S.

Japan to train thousands on cyber-security ahead of 2020 Olympics

Japan to train thousands on cyber-security ahead of 2020 Olympics

Japan will train approximately 50,000 people in the public and private sectors on cyber-security ahead of the 2020 Summer Olympics in Tokyo, according to local reports.

Cyber attack on U.S. power grid could rack up $1 trillion in losses, study says

Cyber attack on U.S. power grid could rack up $1 trillion in losses, study says

By

A study by Lloyd's of London and the Centre for Risk Studies at Cambridge University predicted severe losses in a catastrophic attack on the power grid and a separate poll found that voters were worried as well about those attacks.

DHS, FBI lead 'Cyber Guard' exercise in Virginia

By

From June 8 through June 26 more than 100 organizations participated in the fourth annual Cyber Guard exercise.

FBI investigates physical attacks on San Francisco internet cables

By

The attacks reportedly date back a year, and happened as recently as Tuesday morning.

Global initiative 'Securing Smart Cities' launches

By

IOActive, Kaspersky Lab, and the Cloud Security Alliance are among the security organizations supporting the effort.

Sign up to our newsletters

RECENT COMMENTS

FOLLOW US