The ICS-CERT is warning users about a stack buffer overflow in the Advantech WebAccess SCADA product that could lead to arbitrary code execution. Advantech WebAccess is a SCADA and human-machine interface product that’s accessible over the Web. It’s used in a variety of industries, including energy, manufacturing, government and the commercial sector. The vulnerability affects[…]
Browsing Category: Critical Infrastructure
Some Citadel-infected computers have received a new configuration file, a keylogger triggered to go after the master passwords from three leading password management tools.
The Internet Architecture Board, the body in charge of overseeing the structure of many of the Internet’s key standards, has recommended that encryption be the default traffic option for protocols.
Researchers at Kaspersky Lab published a report identifying by name the first five victims of Stuxnet.
LAS VEGAS–One of the longest running jokes in the security industry is that each coming year finally will be The Year of PKI. While that one huge year never materialized, the use of PKI and digital certificates has become an integral part of how the Internet works today. But there are some challenges on the horizon[…]
LAS VEGAS–The Internet that we use today was not designed as a cohesive network. It was put together from found bits and pieces over the course of the last few decades, and, as major bugs such as Heartbleed and others have shown, it’s a frighteningly fragile construction. Attackers know this as well as anyone, and[…]
Former DHS secretary Michael Chertoff laid out a game plan for enterprise network security, one heavy on risk management and prioritization in the context of current threats and vulnerabilities, and potential consequences.
Researchers at Kaspersky Lab discovered a cache of Windows and Linux plug-ins for the BlackEnergy malware that, in addition to data theft, allow it to target Cisco routers and even destroy hard drives it infects.
Attackers are using BlackEnergy malware to attack HMI software running inside industrial control systems, according to an advisory from ICS-CERT.
The issue of cyberespionage is a thorny one, both technically and politically speaking, but some experts say there may not actually be a solution to the problem.