Critical Infrastructure

Siemens Patches WinCC Vulnerabilities Likely Being Exploited

Siemens has patched two critical vulnerabilities in the WinCC application in a number of its products; the flaws are likely being exploited, ICS-CERT and Siemens said.

Remote Code Execution in Popular Hikvision Surveillance DVR

A number Hikvision digital video recorders contain vulnerabilities that an attacker could remotely exploit in order to gain full control of those devices.

Costin Raiu on the Regin APT Malware

Denis Fisher talks with Costin Raiu of the Kaspersky Lab GReAT Team about the discovery of the Regin APT malware, the threat’s targets and tactics, its ability to compromise GSM base stations and its other capabilities.

Regin Cyberespionage Platform Also Spies on GSM Networks

by Michael Mimoso

November 24, 2014

Kaspersky Lab researchers have learned that the Regin cyberespionage platform also targets GSM telecommunications networks.

Buffer Overflow Haunts Advantech WebAccess SCADA Product

by Dennis Fisher

November 21, 2014

The ICS-CERT is warning users about a stack buffer overflow in the Advantech WebAccess SCADA product that could lead to arbitrary code execution.

Citadel Variant Targets Password Managers

by Michael Mimoso

November 19, 2014

Some Citadel-infected computers have received a new configuration file, a keylogger triggered to go after the master passwords from three leading password management tools.

IAB Urges Designers to Make Encryption the Default

by Dennis Fisher

November 17, 2014

The Internet Architecture Board, the body in charge of overseeing the structure of many of the Internet’s key standards, has recommended that encryption be the default traffic option for protocols.

Stuxnet’s First Five Victims Provided Path to Natanz

by Michael Mimoso

November 11, 2014

Researchers at Kaspersky Lab published a report identifying by name the first five victims of Stuxnet.

Expanding Use of PKI in Variety of Devices Holds Challenges

by Dennis Fisher

November 7, 2014

LAS VEGAS–One of the longest running jokes in the security industry is that each coming year finally will be The Year of PKI. While that one huge year never materialized, the use of PKI and digital certificates has become an integral part of how the Internet works today. But there are some challenges on the horizon […]

Securing an Internet Made From ‘Duck Tape and Baling Wire’

by Dennis Fisher

November 7, 2014

LAS VEGAS–The Internet that we use today was not designed as a cohesive network. It was put together from found bits and pieces over the course of the last few decades, and, as major bugs such as Heartbleed and others have shown, it’s a frighteningly fragile construction. Attackers know this as well as anyone, and […]

Critical Infrastructure

Siemens Patches WinCC Vulnerabilities Likely Being Exploited

Remote Code Execution in Popular Hikvision Surveillance DVR

Costin Raiu on the Regin APT Malware

Regin Cyberespionage Platform Also Spies on GSM Networks

Buffer Overflow Haunts Advantech WebAccess SCADA Product

Citadel Variant Targets Password Managers

IAB Urges Designers to Make Encryption the Default

Stuxnet’s First Five Victims Provided Path to Natanz

Expanding Use of PKI in Variety of Devices Holds Challenges

Securing an Internet Made From ‘Duck Tape and Baling Wire’

InfoSec Insider

Securing Your Move to the Hybrid Cloud

Why Physical Security Maintenance Should Never Be an Afterthought

Conti’s Reign of Chaos: Costa Rica in the Crosshairs

How War Impacts Cyber Insurance

Rethinking Vulnerability Management in a Heightened Threat Landscape

Topics

Authors

Threatpost

Critical Infrastructure

InfoSec Insider

Topics

Authors

Threatpost

Infosec Insider Post

Sponsored Content