The dust still hasn’t cleared from revelations that many RuggedCom brand networking products contain an easily exploited back door account, but the company is working on a fix for the problem, according to a statement from Siemens, which recently bought RuggedCom.
Browsing Category: Critical Infrastructure
Anti-malware company Symantec released its threat report for 2011 on Monday. Buried in the dry statistics about the number of Web-based attacks and malicious programs detected during the year are some surprising facts. Among them: religious-themed Web sites are among the dirtiest on the Internet.
The controversial Cyber Intelligence Sharing and Protection Act (CISPA) passed with bipartisan support by a 248-168 vote in the U.S. House of Representatives last night, despite warnings from privacy experts and a growing public outcry.
UPDATE: Security researchers are warning about the risk posed by an embarrassing security hole in industrial control software by the firm RuggedCom. A hidden administrative account could give remote attackers easy access to critical equipment that is used to manage a wide range of critical infrastructure, including rail lines, traffic control systems and electrical substations.
The Obama Administration joined the Cyber Intelligence Sharing and Protection Act (CISPA) debate yesterday when a senior State Department advisor told The Guardian that the White House opposed the controversial bill.
The Iranian Oil Ministry has acknowledged that a virus outbreak has compromised servers and Web sites used by the Ministry, but denies that any non-public data was exposed.
The U.S. and other advanced nations face a drastic cyber security skills gap. Attacks from sophisticated and unsophisticated attackers are on the rise, even as more and more companies and government agencies move more of what they do online to Web-based services and the cloud. Of course, the skills gap requires a bottom-up rethink of the way that technology skills are taught at both the primary and secondary level. That’s no easy task in a decentralized and highly regulated education system such as the one that exists in the U.S., where resources are directed more toward basic skill acquisition than toward teaching advanced cyber skills. Still, the Obama Administration has put cyber security at the top of its domestic and military security agendas, and there’s some evidence of positive change.
A British teenager believed to be the hacker TriCk, a founding member of TeaMp0isoN, has reportedly been arrested after launching a denial of service attack against an anti-terrorism hotline in the UK.
Industrial control system vendor Koyo moved to fix vulnerabilities in its ECOM brand programmable logic controllers (PLCs) after researchers, in January, revealed that the devices were vulnerable to brute force password guessing attacks.
Corporate executives and other high value employees traveling abroad need to be on guard for attempts to compromise their mobile devices, and could have their mobile phones compromised before they even disembark the plane on arrival, according to security researcher Justin Morehouse. A thirst for intellectual property and trade secrets, and a burgeoning market of sophisticated mobile surveillance tools, mean that executives need to begin thinking and acting like spies in order to avoid being spied upon themselves, according to a presentation at the OWASP AppSec DC 2012 conference in Washington DC on Thursday.