Critical Infrastructure

D.C.’s Complicated View of Cyberwar, Regulation, Liability

Former NSA general counsel Stewart Baker shared his insight on Washington’s perceptions of cyberwar during his keynote address at the Cybersecurity Summit in Minneapolis.

Sandworm APT Team Found Using Windows Zero Day Vulnerability

A cyberespionage team, possibly based in Russia, has been using a Windows zero day vulnerability to target a variety of organizations in several countries, including the United States, Poland, Ukraine and western Europe.

Siemens Patches Five Vulnerabilities in SIMATIC WinCC for PCS 7

Siemens has patched five vulnerabilities in its SIMATIC PCS 7 system that could result in privilege escalation and give an attacker unauthenticated access to sensitive data.

Schneider Electric Fixes Remotely Exploitable Flaw in 22 Different Products

by Dennis Fisher

October 1, 2014

There’s a remotely exploitable directory traversal vulnerability in more than 20 individual products from Schneider Electric that can enable an attacker to gain control of an affected machine.

DARPA Working on Provably Secure Embedded Software

by Dennis Fisher

October 1, 2014

DARPA is working on a new kind of software that is provably secure for specific properties.

Patching Bash Vulnerability a Challenge for ICS, SCADA

by Michael Mimoso

September 25, 2014

Experts are concerned that many Linux-based industrial control systems and embedded systems could be too steep a patching challenge and remain in the crosshairs of the Bash vulnerability.

Small Signs of Progress on DNSSEC

by Dennis Fisher

September 25, 2014

The Internet hasn’t been quick to adopt DNSSEC, for a variety of reasons, but experts say that there are some reasons to be optimistic about the progress that’s being made on DNSSEC adoption.

Series of Vulnerabilities Found in Schneider Electric SCADA Products

by Dennis Fisher

September 17, 2014

UPDATE–There are several unpatched, remotely exploitable vulnerabilities in a number of Schneider Electric’s SCADA products, one of which could be used to perform a shutdown of the SCADA server. Another of the vulnerabilities is an authentication bypass that could give an attacker access to sensitive data. The vulnerabilities affect a variety of Schneider Electric StruxureWare […]

White House: Internet Not Borderless, But Lacking Interior

by Brian Donohue

September 17, 2014

White House special assistant to the President and Cybersecurity Coordinator Micheal Daniel explains that a series of simple, known issues add up to a very difficult Internet security problem.

Four Vulnerabilities Patched in IntegraXor SCADA Server

by Chris Brook

September 12, 2014

Four different remotely exploitable vulnerabilities were recently discovered and patched in a popular SCADA server.

Critical Infrastructure

D.C.’s Complicated View of Cyberwar, Regulation, Liability

Sandworm APT Team Found Using Windows Zero Day Vulnerability

Siemens Patches Five Vulnerabilities in SIMATIC WinCC for PCS 7

Schneider Electric Fixes Remotely Exploitable Flaw in 22 Different Products

DARPA Working on Provably Secure Embedded Software

Patching Bash Vulnerability a Challenge for ICS, SCADA

Small Signs of Progress on DNSSEC

Series of Vulnerabilities Found in Schneider Electric SCADA Products

White House: Internet Not Borderless, But Lacking Interior

Four Vulnerabilities Patched in IntegraXor SCADA Server

InfoSec Insider

Securing Your Move to the Hybrid Cloud

Why Physical Security Maintenance Should Never Be an Afterthought

Conti’s Reign of Chaos: Costa Rica in the Crosshairs

How War Impacts Cyber Insurance

Rethinking Vulnerability Management in a Heightened Threat Landscape

Topics

Authors

Threatpost

Critical Infrastructure

InfoSec Insider

Topics

Authors

Threatpost

Infosec Insider Post

Sponsored Content