Critical Infrastructure News, Articles and Updates
Acknowledging a shortfall in the pool of cybersecurity talent needed to combat today's increasingly sophisticated cyberattacks, the federal government announced it is actively expanding recruitment.
A report released today by the Institute for Critical Infrastructure Technology warns that China's latest five-year plan is reliant upon the digital theft of Western nations' intellectual property, despite a 2015 Sino-U.S. pact to eliminate cyberattacks against corporate assets.
In the documentary-thriller Zero Days, an anonymous source not only acknowledges that the U.S. and Israel were behind the Stuxnet cyberattack on Iran's Natanz nuclear facility, but also blames Israel for the worm's eventual discovery.
Disconnecting computers used in power plants and electrical grids from the internet is being proposed in a bill before the Senate.
Shades of Stuxnet: Newly found malware can sabotage industrial controls, but only in simulated environmentsJune 06, 2016
FireEye yesterday revealed details of a recently discovered malware, dubbed Irongate, whose properties echo the infamous StuxNet virus, in that it is theoretically designed to manipulate industrial control systems.
Five weeks after its official launch, the Canadian Cyber Threat Exchange is already close to selecting an MSP that will manage the group's new cyberthreat intelligence sharing forum, according to a panel session at SC Congress Toronto on Wednesday.
Atlanta has an ambitious plan to bolster its cybersecurity posture.
The DHS yesterday issued its first-ever US-CERT security alert pertaining to the active exploit of an SAP application, after a security vendor determined 36 organizations were infiltrated via an SAP vulnerability that was disclosed over five years ago.
Tampa International Airport has expedited and expanded an audit of its network security, following the resignation of an IT consultant who was allegedly found to have shared system passwords with unauthorized parties.
A defense authorization bill could split off the U.S. Cyber Command from under the direction of U.S. Strategic Command and the NSA.
The root of the problem with malicious smart city hacking lies in the fact that sensors typically collect 'raw' data and then merely pass it on.
The FBI and DHS has scheduled a series of unclassified webinars and threat briefings across the U.S. addressing the 2015 cyberattack against Ukraine's power grid.
The DHS Industrial Control Systems Cyber Emergency Response Team, or ICS-CERT, has issued security advisories on vulnerabilities in ICS technologies from Eaton Lighting Systems, Pro-face and Rockwell Automation.
The same motivation that has for decades convinced cat burglars to sneak in through open windows and pilfer jewels from the dresser drawers of their sleeping victims moves cybercriminals to slither around in cyberspace to steal data: It's valuable. And easy to get to.
The Department of Homeland Security has declared itself officially ready to exchange cybersecurity intelligence with private industries and other organizations using an automated threat-sharing system, under the terms of the Cybersecurity Act of 2015.
U.S. authorities are reportedly preparing to issue an indictment against Iranian hackers believed to have carried out acyber attack against a New York dam.
There used to be a time when large enterprises, in particular, took pride in the idea of managing all their various and sundry IT functions, every backend process, in-house.
In the first-ever high-level exercise testing the U.S. military's ability to defend against a cyberattack, the NSA in 1997 hacked into the DoD's entire network in just four days, according to a new book by Pulitzer Prize-winning journalist Fred Kaplan.
Recently, there has been an increased intensity in scrutiny of the world's electric grids, says Edna Conway, CSO, global value chain, Cisco Systems.
An advance persistent threat group has recently been concentrating its efforts on infiltrating Japanese critical infrastructure and key commercial interests, according to cybersecurity firm Cylance.
Before its historic nuclear agreement with Iran, the U.S. had drawn up contingency plans for launching major cyberattacks against the Middle Eastern nation, the New York Times reported.
Trend Micro is reporting that Russian hackers likely attempted to use BlackEnergy malware to attack a mining operation and railway, in addition to taking down two power plants in the Ukraine in December.
More information is being revealed regarding the late December attack on the Ukrainian power grid with reports indicating the attack on the utility was supported by a simultaneous telephonic denial of service (DoS)incident.
A report from the U.S. Department of Homeland Security's Industrial Control Systems Cybersecurity Emergency Response Team (ICS-CERT) noted a rise in reported cyberattacks against critical manufacturing organizations during 2015.
A senior U.S. official said the direct connection of the industrial control systems (ICS) handling the country's critical infrastructure networks to the internet has led to an uptick in penetrations during the past year.
A cyberattack on a power plant in the Ukraine "demonstrated planning, coordination and the ability to use malware," says SANS.
Almost half of UK businesses plan to increase their ICT spending this year.
Following a cyberattack on a utility provider in the Ukraine, the Electricity Information Sharing and Analysis Center warned its members to improve their network defenses.
In the wake of North Korea testing a nuclear device earlier this week, the South Korean military has raised its cybersecurity level as a precautionary measure.
A bill to infuse funds into state and local government budgets in order to fight cybercrime unanimously passed the House on Thursday.
SC Magazine Articles
- Cerber ransomware strain now targeting Office 365 users
- Critical infrastructure in Europe exposed to hackers
- Deal with the devil: Ransomware experiment proves you can negotiate price down
- WordPress Summer of Pwnage: 64 holes in 21 days
- Cerber ransomware C&C server shut down by research firm and CERT-Netherlands
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- Hard Rock Hotel & Casino Las Vegas hit with POS breach
- X-ray and MRI machines among devices used as springboards for data breach attacks
- Brexit shakeup: How will the U.K.'s exit from the EU affect the technology sector?
- Hacker purportedly selling over 650,000 stolen medical records on dark web marketplace
- WhatsApp in the spotlight after Turkey publishes messages of coup officers
- For the incoming federal CISO: Focus on the human side of cybersecurity
- Audit: FBI's threat prioritization process too subjective and sluggish
- 2.3 million 'Warframe,' 'Clash of Kings' accounts compromised
- MS-ISAC official: Ransomware top priority