SEARCH RESULTS
 
Showing 1-10 of 11 records
 
Expand article

Hacking Power Networks

2008-01-22 14:24:55 by schneier in Schneier on Security
 
...SCADA systems, says Alan Paller, director of the SANS Institute, an organization that hosts a crisis center for hacked companies. "Hundreds of millions of dollars have been extorted, and possibly more. It's difficult to know, because they pay to keep it a secret," Paller says. "This kind of extortion is the biggest untold story of the...
 
Tags: power, power companies, companies, cia actively, power outages, cia, cia rumor, disrupt power equipment, attacks
 
 
 
 
Expand article

Links for 2008-01-25 [del.icio.us]

2008-01-26 00:00:00 by Editor in Anton Chuvakin Blog -
 
...SCADA Security Debate Schneier on Security: Hacking Power Networks Vmyths on SCADA - SANS director confirms the CIA confirmed ... absolutely nothing Majority of VISA Merchants are Compliant as of Jan. 22, 2008 Payment Card Security & IT Controls Explained Targeted Trojan Attacks EETimes.com - New cybersecurity specs target power grid Huge...
 
Tags: security, payment card security, scada, scada security, sets practical guidelines, sans director confirms, intel rosi paper, silent rampage wipes, apple hack news
 
 
 
 
Expand article

My 2008 Security Predictions!

2008-01-09 15:42:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
 
...SCADA hack = no (not yet). Everybody predicts this one forever (as Rich mentions ), but I am guessing we would need to wait another year or so for this Cyber-terrorism = no (again, not yet!) Will it be a reality in the future? You bet! Just not now A massive data theft to dwarf TJX = yes . And it will include not some silly credit card number...
 
Tags: security, security predictions, broader information security, information security, smb security, virtual security appliances, security market, security solutions, security software
 
 
 
 
Expand article

What can we learn from Hannaford & TJX?

2008-03-30 12:58:07 by Chenxi Wang in Security & Risk Management
 
...SCADA system, and that would be their critical asset. But the above list is a good place to start thinking about your critical network assets and how you should management vulnerabilities both at the network layer and in the applications For more information, see the Forrester report: "Operationalizing Application Vulnerability Management
 
Tags: hannaford, web applications, critical assets weekly, critical assets, practice companies, applications, companies, practice, hannaford data breach
 
 
 
 
Expand article

Experts hack power grid in no time

2008-04-09 00:00:00 by Tim Greene in Network World on Security
 
Cracking a power company network and gaining access to supervisory, control and data acquisition (SCADA) systems that could shut down the grid is simple, security expert and penetration-testing consultant Ira Winkler told an RSA audience, and he has done so in less than a day
 
Tags: consultant ira winkler, power company network, grid, data acquisition, rsa audience, security expert, access, supervisory, systems
 
 
 
 
Expand article

New Hurdles for Vulnerability Disclosure

2008-05-22 06:22:47 by Editor in IEEE Security and Privacy
 
...SCADA implementations have created new hurdles for vulnerability disclosure. These aspects of information security have different risks and benefits to the involved stakeholders, which has prevented the establishment of an ideal environment for vulnerability disclosure
 
Tags: vulnerability disclosure, information security, specific web sites, ideal environment, hurdles, scada implementations, establishment, stakeholders, benefits
 
 
 
 
Expand article

Gas manufacturer defends SCADA systems

2008-06-12 00:00:00 by Tim Greene in Network World on Security
 
A large medical-grade gas firm is installing intrusion-prevention systems to circumvent security problems that the government fears are a menace to power utilities and other essential industries
 
Tags: medical-grade gas firm, essential industries, systems, government fears, circumvent security, power utilities, menace
 
 
 
 
Expand article

Fun Reading on Security - 4

2008-06-17 11:36:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
 
...SCADA security puzzles me: think about it - you need a law to make people protect systems that control utilities EVEN THOUGH you already demonstrated ( kind of ) that hackers can explode generators remotely. So, people fear fines from regulators more than exploded power generators? Yep Is it time to regulate the security of cloud computing...
 
Tags: security, scada security puzzles, fun, network security, network, security study, pci, pci compliance, cloud security
 
 
 
 
Expand article

Security Briefing: June 20th

The Article has images
2008-06-20 12:52:08 by Dave Lewis in Liquidmatrix Security Digest
...SCADA management software ) | Pittsburgh Tribune-Review Staff ignore data security, surveys say | IT PRO Lessons from the Verizon 2008 Data Breach Investigations Report | InfoWorld Microsofts critical Bluetooth patch didnt work on XP | Network World Sweden passes eavesdropping law | International Herald Tribune From zero day exploit to zero...
 
Tags: security news, scada management software, software, news, international herald tribune, ridc park company, world, network world, day exploit
 
 
 
 
Expand article

CitectSCADA ODBC Service Exploit Published, Computerized Control Systems In Critical Facilities Are Vulnerable

2008-09-09 03:35:59 by CyberInsecure in CyberInsecure.com
 
Supervisory Control And Data Acquisition (SCADA) systems buffer overflow vulnerability was discovered in June by CORE. It affects the CitectSCADA product and could allow a remote unauthenticated attacker to force DoS or to execute arbitrary code on vulnerable systems. This weekend, Kevin Finisterre, the director of penetration testing at...
 
Tags: execute arbitrary code, security firm netragard, supervisory control, data acquisition, vulnerable systems, kevin finisterre, citectscada product, force dos, weekend