DHS Secretary Jeh Johnson pitched RSA Conference attendees on working for the department’s NCCIC initiative, as well as providing help on solving the NSA’s frontdoor problem.
Browsing Category: Critical Infrastructure
Dell released its annual threat report yesterday, ringing the alarm bells on point-of-sale and industrial control system attack in 2014 and beyond.
It’s an interesting time for certificate authorities. On the one hand, interest has never been higher in Web encryption, privacy and transport security, thanks to Edward Snowden. But on the other hand, the last few years has seen a steady stream of compromises of CAs, mis-issued certificates and other problems. CAs hold the security and[…]
The US-CERT is warning administrators and network operators that a misconfiguration issue with some DNS servers that has been known about for more than 15 years and can give attackers detailed information about DNS zones is coming back around thanks to new scans that show a high number of servers vulnerable to the issue. The problem[…]
Researchers at Fidelis report a new strain of AlienSpy, a remote access tool that’s being used to deliver the Citadel Trojan to critical industries.
New Obama Administration Executive Order declares a cyber-national emergency and research advocates worry that sanctions could chill security research work.
The FBI has warned consumers about a rash of phony websites posing as government services.
There are a series of vulnerabilities related to credentials and authentication in two of Schneider Electric’s HMI products, and an attacker who exploits them may be able to run arbitrary code.
GE has released a fix for a vulnerability in a library that’s used in several of its products deployed in critical infrastructure areas. The flaw in the HART Device Type Manager library could allow an attacker to crash affected applications or run arbitrary code.
The federal government is seeking more legal power to step in and shut down botnets through an amendment to the existing criminal law, which would allow the Department of Justice to obtain injunctions to disrupt these malicious networks. The Obama administration has proposed an amendment to existing United Stated federal law that would give it[…]