InfoSec

SCADA/ Industrial Security

  • Kaspersky launches improved business security for Macs
    "We believe that each component of corporate infrastructure should be protected because cybercriminals will use every chance they can to infiltrate a ...
    - 10 hours ago Friday, August 28, 2015 -
  • Defending The Cyber Frontiers of Digital India
    This incident shows that how vulnerable India is to cyber security attack. ... “The information and the infrastructure needs to be secure. That is why ...
    - 11 hours ago Friday, August 28, 2015 -
  • A Barrage of Breaches Later, Cybersecurity Requires a Rethink
    It's a good time to bet against cybersecurity when everyday headlines are ... and companies aren't investing in a better cybersecurity infrastructure.
    - 14 hours ago Friday, August 28, 2015 -
  • US government resources for cybersecurity
    ICS-CERT has many resources and services available to assist critical infrastructure asset owners. Most of the cyber incidents ICS-CERT responds to ...
    - 22 hours ago Thursday, August 27, 2015 -
  • Companies With Virtual Infrastructure Need Double the Normal Budget to Recover from a Cyber ...
    Businesses pay a significant premium to recover from a cyberattack, if virtual infrastructure is affected during the incident. Enterprises pay more than ...
    - 23 hours ago Thursday, August 27, 2015 -
  • TechCrunch: Psychology of Insecurity

    Today, TechCrunch has published “The Psychology of Insecurity” by Bromium CTO Simon Crosby. You can read the whole article here: http://techcrunch.com/2015/08/27/the-psychology-of-insecurity/ The recent Ashley Madison hack isn’t the only high-…
    - 1 day ago Thursday, August 27, 2015 -
  • Unsolicited Response Podcast: Cyber Insurance

    Who would have thought a podcast on insurance would be one of my favorite and most interesting I’ve done in the past few years. I spoke with Eireann Leverett and Jennifer Copic of the University of Cambridge Centre for Risk Studies. They were two o…
    - 1 day ago Thursday, August 27, 2015 -
  • Why Malvertising Matters

    Malvertising has been back in the news recently. This is no surprise to us here at Bromium, check out the report we issued on malvertising via YouTube last year. In our paper we concluded that ad networks could be leveraged by, or even replace attack…
    - 3 days ago Tuesday, August 25, 2015 -
  • Reflections on Trusting Switches

    The Switches Get Stitches crew has been hard at work on quite a few switching projects. Indeed they released a new exploit tool against GE and GarrettCom switches early this morning, after attempting to get a fix for a Denial of Service bug for at le…
    - 8 days ago Thursday, August 20, 2015 -
  • S4x16 CFP Ends Aug 31 / Also Looking for 1-Day Courses

    The best way to get the most of any conference is to be a speaker. At S4 you get a chance to present your great research or passionate viewpoint to an audience of advanced ICSsec pro’s who will get it. They might not agree, but they will get it. So…
    - 8 days ago Thursday, August 20, 2015 -
  • OSIsoft Self-Reports 56 Vulns

    I tweeted on this OSIsoft self-disclosure last week: It’s huge that OSIsoft self reported these and even provided summary CVSS info. Continued leadership in ICSsec space https://t.co/YL3dYw3HxU — Dale Peterson (@digitalbond) August 14, 2015 But…
    - 10 days ago Tuesday, August 18, 2015 -
  • Friday News and Notes

    BlackHat and DefCon are over, and vendors are breathing sighs of relief (or, digging trenches). Let’s look at this week’s top news, according to us. In the database world, we have two stories (a fail and a win): – Oracle’s CSO floated a vague…
    - 14 days ago Friday, August 14, 2015 -
  • Bromium Black Hat Survey: Endpoint Risk Five Times Greater Than Network or Cloud

    Today, Bromium published “Black Hat 2015: State of Security,” a report that analyzes the results of a survey of more than 100 information security professionals at Black Hat 2015. Key findings from “Black Hat 2015: State of Security” include:…
    - 16 days ago Wednesday, August 12, 2015 -
  • Breaking the Unbreakable Comb: The Importance of Bug Bounty Programs

    When I was a kid, I remember going to the barber shop with my brother, who was given an “unbreakable” comb by the barber. My brother promptly snapped it into two pieces. It was not unbreakable to him. I am reminded of this story because Oracle CS…
    - 17 days ago Tuesday, August 11, 2015 -
  • Crackpot Hackpots Pop Top Of GasPots

    - 21 days ago Friday, August 7, 2015 -
  • SCADA with antenna

    Sometimes you can meet a SCADA with antenna. Sometimes it's an old and boring 802.11 Wi-Fi antenna. Sometimes it's a cool bright new 3G/4G device. For sure friends don't let friends put SCADA on the Internet, and plug computer into your USB. Apparently,…
    - 22 days ago Friday, August 7, 2015 -
  • A Few Facts on IEC61850 in China

    A Few Facts on IEC61850-based Substation Integration & Automation in China by Mr Jim Y Cai, Dr Gao Xiang and Dr. Jun Zha: - In 2013, 10 000 substations from 35KV to 10000KV with 100% 61850 based IEDs are in operation - By the end of 2013, there are 893…
    - 24 days ago Tuesday, August 4, 2015 -
  • More OT is Mission Critical IT

    I’d encourage loyal readers to check out the comments on the recent OT is Mission Critical IT article. Some are better written than my original article and others highlight the problem. Jake writes: Most IT departments would take “mission critica…
    - 25 days ago Monday, August 3, 2015 -
  • The Best Virtual Desktop Ever: Windows 10 on a Surface Pro 3

    Over the last decade many enterprises have tinkered with Virtual Desktop Infrastructure (VDI) as an alternative to PCs. A VDI user accesses a remote, virtualized Windows desktop OS delivered “as a service” from the enterprise datacenter or…
    - 28 days ago Friday, July 31, 2015 -
  • 7 essential SQL Server security tips

    Like so much of IT, database security requirements largely depend on the situation and environment. Needs may be completely different from one shop to another, even among different servers in the same shop. This is the problem I have with best practi…
    - 28 days ago Friday, July 31, 2015 -
  • Endpoint Exploitation Trends (but what of Hacking Team!?)

    Today, Bromium released “Endpoint Exploitation Trends 1H 2015,” a Bromium Labs threat report that analyzes security trends from the first six months of 2015. One of the primary themes to emerge from the report should come as no surprise: cyber cr…
    - 30 days ago Wednesday, July 29, 2015 -
  • OT Is Mission Critical IT

    The Tripwire team asked a number of people for 100 words on the following questions: How does the IoT change the dynamics between IT and OT? What practical tips can you provide for working together effectively? You can read the full set of responses…
    - 30 days ago Wednesday, July 29, 2015 -
  • Zero Day vulnerabilities – much to do about nothing

    Zero day vulnerabilities and exploits have been back in the news again recently. The recent breach of Hacking Team revealed insights into the grey market for zero-day exploits as well as new exploits against Adobe Flash and Microsoft Windows. Here we…
    - 35 days ago Friday, July 24, 2015 -
  • Black Hat 2015: 32 SCADA, Mobile Zero-Day Vulns Will Drop

    - 38 days ago Tuesday, July 21, 2015 -
  • Bootkit via SMS (updated)

    Updated slides of Bootkit via SMS research as presented at HITB by Timur Yunusov and Kirill Nesterov. New stuff: user tracking, "infection" statistics, suddenly vxWorks. "Express" 31C3 video: https://www.youtube.com/watch?v=jmY9VRq5e1Y&t=5420 bootkit…
    - 39 days ago Tuesday, July 21, 2015 -
  • Micro-virtualization: The only way to defeat Hacking Team 0-days

    This week micro-virtualization helped to make your organization more secure. The Hacking Team breach laid bare the resourcefulness and sophistication of today’s determined attackers, and the ease with which they operate. It also cast into stark rel…
    - 43 days ago Thursday, July 16, 2015 -
  • CVSS for ICS

    A failing grade When reading CERT advisories in the ICS space I used to skim to the CVSS score as a quick way to assess what the vuln was. I rarely like what I see when I think about the actual vulnerability to which the score is applied. CVSS, or th…
    - 43 days ago Thursday, July 16, 2015 -
  • Flash Vulnerabilities Show No Signs of Slowing

    Last month, I blogged about a Flash zero day. This month, two more Flash zero days have emerged as the result of the Hacking Team leaks. These critical vulnerabilities have some security experts calling for a new approach to Flash. ZDNet reports that…
    - 44 days ago Wednesday, July 15, 2015 -
  • Bromium Partners to Bring Micro-virtualization to Windows 10

    Bromium has partnered with Microsoft to ensure Bromium micro-virtualization and Windows 10 will work better together to provide the most secure endpoint solution on the market. Windows 10 offers powerful new protections that make it the most secure…
    - 46 days ago Monday, July 13, 2015 -
  • 21.5 Million Reasons to Defeat the Next Attack

    - 49 days ago Friday, July 10, 2015 -
  • SHAKACON Day 2 & Go/No Go

    SHAKACON was a well run and friendly conference with about 300 attendees and high quality talks over 2 days. If you are thinking about it for 2016: GO – If you live in Hawaii. This is a no brainer. The opportunity to go to Hawaii draws better speak…
    - 49 days ago Friday, July 10, 2015 -
  • SHAKACON Day 1

    Three sessions at Day 1 of SHAKACON in Honolulu were noteworthy for the ICSsec community. Charlie Miller and Chris Valasek on Auto Hacking The big session from this team will be at Blackhat where they will unveil and demo their ability to remotely co…
    - 50 days ago Thursday, July 9, 2015 -
  • A Vote of No Confidence: Antivirus Effectiveness Falls to All-time Low

    Today, Bromium released the results of its “Enterprise Security Confidence Report,” a survey of more than 125 information security professionals, focused on the greatest risks facing organizations today, the effectiveness of various security solu…
    - 59 days ago Tuesday, June 30, 2015 -
  • Greater than Zero: New Adobe Flash Exploit

    News today, Brian Krebs reports of a new Adobe Flash zero-day and its associated critical patch. According to Krebs, Adobe claims the exploit (CVE-2015-3113) is already being used in targeted attacks, so security teams should be on high alert. Adobe…
    - 66 days ago Tuesday, June 23, 2015 -
  • Cyber Security & Job Security

    The aftermath of the OPM breach is beginning to play out with Congress calling for resignations. The Wall Street Journal reports on official hearings with conflicted testimony. The Chairman of the House Committee on Oversight and Government Reform Re…
    - 70 days ago Friday, June 19, 2015 -
  • OPM Fallout: Is it time for a Cyber-Y2K?

    Do you remember the Y2K problem? In the years before the year 2000 there was huge concern that a wide range of systems would fail because many programs and even compilers used only two digits for the year, and therefore 2000, stored as “00” could…
    - 71 days ago Thursday, June 18, 2015 -
  • Duqu 2.0 – Who’s The Lord of Ring0?

    Last week we saw another sophisticated attack unearthed by a large security company from its own compromised internal networks (yes, even cyber defenders are fallible). This attack leverages the most dangerous weakness on a system, namely an unknown…
    - 73 days ago Tuesday, June 16, 2015 -
  • A Major Step Toward Enterprise Wide Security By Design

    Today Bromium announced the general availability of Bromium Enterprise Controller (BEC), a key component in our architecture to help enterprises achieve security by design.  This post is just a brief introduction.  I’ll provide more detail shortl…
    - 86 days ago Wednesday, June 3, 2015 -
  • Healthcare Information Security in Critical Condition

    News today, CareFirst is reporting that medical records of 1.1 million customers have been breached. The news casts a shadow over the healthcare industry, which is still recovering from the breach of 80 million records from Anthem earlier this y…
    - 99 days ago Thursday, May 21, 2015 -
  • Bromium Appoints Ian Pratt as CEO and Ravi Khatod as COO

    By: Ian Pratt, co-founder & CEO After four successful years of leadership, our co-founder Gaurav Banga is leaving Bromium.  I am taking the reins at Bromium for the next chapter of its growth, and am excited to lead the company as we expand our pr…
    - Monday, May 18, 2015 -
  • Friends don't let friends put SCADA on the Internet

    New analytic research on ICS components vulnerabilities. 146 137 are online, (at least) 15000 can be hacked by script-kiddie. Pictures below: Number of confirmed ICS vulns per year; Per vendor; ICS components in the Internet; Autopwn ICS components in the I…
    - Monday, May 18, 2015 -
  • Reports of Rombertik have been (greatly) exaggerated

    News last week painted Rombertik as the newest “chicken little” security threat, by which I mean “the sky is falling!” By initial reports, Rombertik was a piece of malware so dangerous that it would destroy your computer if it was detected an…
    - Wednesday, May 13, 2015 -
  • More news from nowhere

    Fixes for Inductive Automation Ignition 7.7.2. Bugs by Evgeny Druzhinin, Alexey Osipov, Ilya Karpov, and Gleb Gritsai. Simple bugs, simple list. CVE-2015-0976, CVE-2015-0991, CVE-2015-0992, CVE-2015-0993, CVE-2015-0994, CVE-2015-0995. Please note! These vulner…
    - Tuesday, May 5, 2015 -
  • Now or never. CIA vs Schneider Electric

    Few bugs in InduSoft Web Studio and InTouch Machine Edition 2014 recently fixed by Schneider Electric were discovered during PHDays Critical Infrastructure Attack challenge. Kudos @alisaesage. For bless you. Absolutely old-school-community-drive-resp…
    - Tuesday, May 5, 2015 -
  • Rail Signal Upgrade Could Be Hacked To Cause Crashes

    - Thursday, April 23, 2015 -
  • RSA Conference Survey: Which Security Solutions Made the Grade?

    This week at the RSA Conference, I had the opportunity to talk with dozens upon dozens (more than 100) of information security professionals for Bromium’s “State of Security Report Card,” a survey of opinions about popular security solutions. I…
    - Thursday, April 23, 2015 -
  • Your City's Not Smart If It's Vulnerable, Says Hacker

    - Monday, April 20, 2015 -
  • Much Ado about the Verizon Data Breach Incident Report

    It’s that time of the year again! No, not Tax Day, the release of the Verizon Data Breach Incident Report, which provides analysis of more than 79,000 security incidents and 21,000 breaches. The report itself is 70 pages long, which you can take th…
    - Wednesday, April 15, 2015 -
  • Courage in the face of cyber-nihilism

    It’s been a depressing start to the year as far as breaches and malware go, and I’ve seen a worrisome trend toward “cyber-despondency” in the sentiment of many CISOs.   When orgs with huge security budgets are still easily rolled and we see…
    - Monday, April 6, 2015 -
  • Retailers Check-Out Intelligence Sharing Platform

    News this week that the Retail Cyber Intelligence Sharing Center (R-CISC) is collaborating with the Financial Services ISAC (FS-ISAC) on its new threat intelligence portal. The R-CISC is working with the FS-ISAC to share threat information, in an att…
    - Friday, March 27, 2015 -
  • Dridex Reminds Us: You Can’t Prevent What You Can’t Detect

    News this week of the Dridex malware campaign  (the newest member of the GameOver Zeus Trojan family) should serve as a reminder that you can’t stop what you can’t see. According to the research, the attack vectors remain the same as it ever was…
    - Wednesday, March 25, 2015 -
  • Call of Duty: Modern Ransomware

    Not even an extra life can save gamers now. Bromium Labs has just published research that identifies a new strain of crypto-ransomware that locks many popular games, including Call of Duty, Minecraft and World of Warcraft. Bromium researchers first…
    - Thursday, March 12, 2015 -
  • US Industrial Control Systems Attacked 245 Times In 12 Months

    - Thursday, March 12, 2015 -
  • CSOs: Does this Network Admin Work at YOUR Company!?

    Information security is hard. Data breaches on the scale of Target, Home Depot, Sony and Anthem serve as a constant reminder that it is impossible to detect a determined attacker until it is too late. Bromium research has consistently found that the…
    - Wednesday, March 11, 2015 -
  • Kaspersky: ‘A very bad incident’ awaits critical infrastructure

    Cyber-terrorism attacks against power grids, water supply systems, chemical plants and other critical infrastructure loom as a threat that could become harsh reality before slow-moving agencies act to secure them better, says the head of Kaspersky La…
    - Tuesday, March 10, 2015 -
  • Is it time to FREAK out?

    The security industry was whipped into a frenzy this week with the discovery of the FREAK vulnerability, which enables a determined attacker to downgrade SSL traffic from “strong” RSA encryption to “export-grade” RSA encryption. The vulnerabi…
    - Friday, March 6, 2015 -
  • The Hidden Costs of Security

    I think we are all familiar with the obvious costs of poor security. Millions of dollars lost recovering from breaches, brand damage and etc. This is pretty much the conventional wisdom now days. Luckily my job includes speaking and interacting with…
    - Thursday, March 5, 2015 -
  • First Impression: GAO Report on FAA Security – The Sky is Not Falling

    Yesterday, the Government Accountability Office (GAO) released “FAA Needs to Address Weaknesses in Air Traffic Control Systems,” a report that highlights the improvements the Federal Aviation Administration (FAA) needs to make to its critical air…
    - Tuesday, March 3, 2015 -
  • Russian Cyber Menace Threatens Industrial Systems

    - Monday, March 2, 2015 -
  • Wall Street Journal CIO Network Event: Old Thinking Won’t Fix New Problems

    Earlier this month, the Wall Street Journal published a blog, “CIOs Name Their Top 5 Strategic Priorities,” which collected the recommendations from a variety of technical leaders at a CIO Network event. Author Steven Norton notes: While proposal…
    - Friday, February 27, 2015 -
  • When Zero Days Become Weeks or Months

    As February comes to a close we have already seen critical patches from Adobe and Microsoft. Even more concerning, Microsoft has not yet patched a recently disclosed Internet Explorer zero-day. For better or worse, Google’s “Project Zero” is pu…
    - Wednesday, February 25, 2015 -
  • How ‘Power fingerprint’ could improve security for ICS/SCADA systems

    Most people have heard that one way law enforcement can figure out who might be growing marijuana in their basement is to monitor power consumption. If a small house is sucking up as much electricity as two or three similar houses in the neighborhood,…
    - Monday, February 23, 2015 -
  • Securing Obama’s “Internet Cathedral” – Who are its priests?

    At last week’s Cyber Security Summit at Stanford, President Obama sought to reset his administration’s relationship with a tech community alienated by an endless stream of disclosures of the government’s penetration of technology companies to…
    - Wednesday, February 18, 2015 -
  • Risky Clicks: End users cause the majority of security headaches

    In January 2015, Bromium conducted a survey of more than 100 information security professionals, focused on the greatest challenges and risks facing their organizations today. The results indicate that end users continue to remain the greatest sec…
    - Wednesday, February 18, 2015 -
  • Kaspersky SAS 2015 CablemeltingBAD
    Slides from Kaspersky SAS "SCADA in the cloud" talk. If you saw our 31C3 report you can start from the slide N36. Important quotes: ICS Cybersecurity definition: a process that ensures control object operation with no dangerous failures or damage, but w…
    - Tuesday, February 17, 2015 -
  • Siemens SIMATIC TIA Portal (Step 7/WinCC) fixes

    - Monday, February 16, 2015 -
  • Siemens Sighs: SCADA Bugs Abound

    - Thursday, February 5, 2015 -
  • The Vicious Cycle of “Assuming Compromise”

    When you walk the floors of industry trade shows and speak with security vendors, one of the most predominant endpoint security myths is “assume you will be compromised.” Of course, this is a fallacy, but as a result of this axiom, the security i…
    - Friday, January 30, 2015 -
  • Cyber-security: Changing the Economics!

    The impact of recent cyber attacks will be felt for years to come, perhaps having risen to a new level of hurt with the Target and Sony attacks. With a Fortune 500 CEO ousted and a Hollywood movie held hostage, cyber-security is on the minds of…
    - Tuesday, January 27, 2015 -
  • Internet Attack Could Shut Down US Gas Stations

    - Thursday, January 22, 2015 -
  • Attackers Planting Banking Trojans In Industrial Systems

    - Tuesday, January 13, 2015 -
  • 31C3: Too Smart Grid in da Cloud ++

    This year we want to discuss Green Energy. Our hackers' vision of Green Energy, SmartGrids and Cloud IoT technology.  Our latest research was devoted to the analysis of the architecture and implementation of the most wide spread platforms for wind a…
    - Tuesday, December 30, 2014 -
  • SOS! Secure Open SmartGrids!

    Dear all, After our 31C3 Too SmartGrid in da Cloud talk we get many questions about Solar and Wind plants vulnerabilities, Internet connected SmartGrid devices. Guys, sorry, but we don’t know yet. There are dozens of platforms, hundreds of vendors,…
    - Sunday, December 28, 2014 -
  • South Korea Nuclear Plant Hit By Hacker

    - Tuesday, December 23, 2014 -
  • Hack Attack Causes Massive Damage At Steel Works

    - Monday, December 22, 2014 -
  • Chasing the White Whale: How Advanced Attacks Leverage Spear Phishing

    Update: Breaking News: ICANN targeted in a spear phishing attack Information security becomes increasingly important as the frequency of cyber attacks increases. From Target to Sony, the past 12 months have played host to the largest volume of attack…
    - Tuesday, December 16, 2014 -
  • Well, Honeywell

    New knowledge about Honeywell Experion Process Knowledge System. Yes, you must patch it. Yes, it's all about grep +1 SSRF. Thanks to Alexander Tlyapov, Gleb Gritsai, Kirill Nesterov, Artem Chaykin and Ilya Karpov. Honeywell advisory/patch: https://www.h…
    - Tuesday, December 16, 2014 -
  • Picture This: Sony Hack Won’t Be the Last

    The FBI has warned US companies of a wave of destructive cyber attacks, in light of the recent Sony hack. I commented to eSecurityPlanet and SecurityWeek: “These attacks are troublesome, but not surprising. Earlier this year we witnessed Code Space…
    - Thursday, December 11, 2014 -
  • Cylance unveils details of Iran-based hacking in ‘Operation Cleaver’ report

    The list of sophisticated cyber espionage attacks continues to grow. Cylance released a report about cyber espionage activity out of Iran, which it has dubbed “Operation Cleaver”, and from what Cylance has discovered it seems there is good reason…
    - Wednesday, December 3, 2014 -
  • Siemens patches critical SCADA flaws likely exploited in recent attacks
    Siemens released security updates for several of its SCADA (supervisory control and data acquisition) products for industrial environments, in order to fix critical vulnerabilities that may have been exploited in recent attacks. One of the vulnerabi…
    - Monday, December 1, 2014 -
  • BootKit via SMS

    One of demo from PacSec and ZeroNights. Short FAQ: Q: Is it BadUSB? A: Not exactly, but kind of. Can be applied to any Android gadget. Q: Is it local or remote stuff? A: Can be done remotely (web/sms) for 4G/3G modems. Q: Any threats to ICS? A: Yes. Q: Huawei?…
    - Wednesday, November 19, 2014 -
  • Is it time to Fire your network protection vendor?

    I hereby solemnly promise that Bromium will never have a product with “fire” in its name.  By now every vendor in the  next-gen IDS / IPS / Firewall / honeypot-as-ultimate-defense-against-the-dark-arts market has a next-gen “fire”-branded p…
    - Monday, November 10, 2014 -
  • An Unprecedented Look At Stuxnet, The World's First Digital Weapon

    - Monday, November 3, 2014 -
  • Different type of SCADA...

    +Update http://blog.ptsecurity.com/2015/01/hacking-atm-with-raspberry-pi.html Slides and demo from Olga and Alex report on ATM hacking at Black Hat. MS08-067 strikes again. Now ATM. There are a lot of different kinds of SCADA... Click Enjoy...
    - Wednesday, October 29, 2014 -
  • BlackEnergy Malware Has Compromised Systems For 2 Years

    - Wednesday, October 29, 2014 -
  • Attack of the malicious document – what was old is new again

    Recent zero day attacks targeting Windows using malicious Office documents should be a reminder to all of us that no attack vector ever truly dies, it just lurks in the background waiting for its time to come again. Malicious Office documents have…
    - Wednesday, October 22, 2014 -
  • Many Eyes Make Credible Security

    We are proud to announce the successful results of an independent source-code review and penetration test of vSentry version 2.4 by the leading security consultancy  IOActive – acknowledged as one of the world’s leading security firms serv…
    - Tuesday, October 14, 2014 -
  • What is my encryption key?

    Update for update for WinCC <7.3. Now for Siemens SIMATIC PCS 7 <8.1. Details: https://ics-cert.us-cert.gov/advisories/ICSA-14-205-02A
    - Thursday, October 9, 2014 -
  • Why is Bromium InDemand?

    Recently LinkedIn recognized Bromium as one of the 10 most InDemand startups in the Bay Area. Thank you LinkedIn, and thank you Bay Area Tech Community! A number of folks, prospective and current co-workers, investors, customers, and friends have per…
    - Friday, October 3, 2014 -
  • Threat Intelligence firm mistakes research for nation-state attack

    [Updates to this story appear on page two.] On Tuesday, Bloomberg published a story based on honeypot scans, which was a follow-up to a previously published piece that explored the nature of attacks against industrial-control systems. Bloomberg's stori…
    - Wednesday, October 1, 2014 -

IT News

Youtube News - CyberSecurity


InfoSec Podcasts

  • ISC StormCast for Friday, August 28th 2015
    Obfuscating Malicious Word Macros Inside PDFs https://isc.sans.edu/forums/diary/PDF+maldoc1+maldoc2/20079/; Patch For BitTorrent Traffic Amplification Bug http://engineering.bittorrent.com/2015/08/27/drdos-udp-based-protocols-and-bittorrent/; Adobe Cold…
    - 23 hours ago Thursday, August 27, 2015 -
  • Episode 431 Security News Stories: Ashley Madison Hack

    This week in the news we discuss Google's new Wifi router and finding staff to work for Uber.
    - 1 day ago Thursday, August 27, 2015 -
  • Risky Business #380 -- AshMad fallout: Attackers doxed, suicides and mayhem
    On this week's show we look at the fallout from the Ashley Madison attack. Did Brian Krebs just dox the Impact Team ringleader? Is he Australian? Adam Boileau and I talk about all the AshMad fallout and other infosec news.
    - 2 days ago Thursday, August 27, 2015 -
  • ISC StormCast for Thursday, August 27th 2015
    TeslaCrypt 2.0 Malware Moves Back to Angler from Neutrino EK https://isc.sans.edu/forums/diary/Actor+that+tried+Neutrino+exploit+kit+now+back+to+Angler/20075/; Hardcoded Default Admin Password in Several DSL Routers http://www.kb.cert.org/vuls/id/9505…
    - 2 days ago Wednesday, August 26, 2015 -
  • Episode 431: Interview with Phil Young and Chad Rikansrud

    This week, we interview Bigendian Smalls and the Soldier of Fortran on mainframe hacking. Learn about writing exploits for z/OS and nmap modules.
    - 2 days ago Wednesday, August 26, 2015 -
  • ISC StormCast for Wednesday, August 26th 2015
    Dropbox Phishing https://isc.sans.edu/forums/diary/Dropbox+Phishing+via+Compromised+Wordpress+Site/20073/; Recordable Activator Exploits Certifigate Vulnerability http://blog.checkpoint.com/2015/08/25/certifigate-statistics-exploitation-mitigation/; Malwa…
    - 3 days ago Tuesday, August 25, 2015 -
  • Episode 430 Security News Stories: Oracle, Lenovo, and StageFright
    This week in stories we discuss the redacted blog post by Oracle CSO Mary Ann Davidson, hacking cars with a text message, and are you using Android?
    - 3 days ago Tuesday, August 25, 2015 -
  • ISC StormCast for Tuesday, August 25th 2015
    Samsung Smart Fridge Vulnerabilities http://www.pentestpartners.com/blog/hacking-defcon-23s-iot-village-samsung-fridge/ Remote Access Security https://isc.sans.edu/forums/diary/Are+You+Protecting+your+Backdoor/20069/ Amazon No Longer Allowing flash in…
    - 4 days ago Monday, August 24, 2015 -
  • Episode 430: Interview with Daniel Miessler
    Daniel Miessler is Principal Security Architect with HP based out of San Francisco, California. He specializes in application security with specific focus in web and mobile application assessments, helping enterprise customers build effective applica…
    - 4 days ago Monday, August 24, 2015 -
  • DtSR Episode 157 - NewsCast for Aug 24th, 2015
    In this episode... Just when you thought America's neutered "chip & sign" was a safe http://krebsonsecurity.com/2015/08/chip-card-atm-shimmer-found-in-mexico/ Admittedly we put these stories in here just to get Michael all fired up; Ashley Madison's d…
    - 5 days ago Monday, August 24, 2015 -
  • ISC StormCast for Monday, August 24th 2015
    Decline in Malware From Windigo Group https://isc.sans.edu/forums/diary/A+recent+decline+in+traffic+associated+with+Operation+Windigo/20065/ ZScaler Associates Recent Malware Spike with Wordpress Exploits http://research.zscaler.com/2015/08/neutrino-c…
    - 5 days ago Sunday, August 23, 2015 -
  • ISC StormCast for Friday, August 21st 2015
    Symantec Cloud Endpoint Protection Conflict with MS15-084 https://isc.sans.edu/forums/diary/Microsoft+patch+tuesday+problem+with+Symantec+Cloud+Endpoint+protection/20037/ Android Multitasking Flaw https://www.usenix.org/system/files/conference/usenixs…
    - 8 days ago Thursday, August 20, 2015 -
  • Risky Business #379 -- Ashley Madison dump, Troy Hunt and The Grugq
    In this week's podcast we check in with Troy Hunt from HaveIBeenPwned.com. Troy has done the responsible thing in adding the Ashley Madison dataset to his service -- you can only search for email addresses in the dump after you've verified that you c…
    - 9 days ago Thursday, August 20, 2015 -
  • ISC StormCast for Thursday, August 20th 2015
    Outsourcing Critical Infrastructure https://isc.sans.edu/forums/diary/Outsourcing+critical+infrastructure+such+as+DNS/20057/ Actor Switching from Angler EK to Neutrino https://isc.sans.edu/forums/diary/Actor+using+Angler+exploit+kit+switched+to+Neutri…
    - 9 days ago Wednesday, August 19, 2015 -
  • ISC StormCast for Wednesday, August 19th 2015
    Special Microsoft Internet Explorer Patch https://isc.sans.edu/forums/diary/Microsoft+Security+Bulletin+MS15093+Critical+OOB+Internet+Explorer+RCE/20053/ More Android Media Handling Bugs http://blog.trendmicro.com/trendlabs-security-intelligence/media…
    - 10 days ago Tuesday, August 18, 2015 -
  • ISC StormCast for Tuesday, August 18th 2015
    New Version of Kansa Framework for DFIR https://isc.sans.edu/forums/diary/Tool+Tip+Kansa+Stafford+released+PowerShell+for+DFIR/20049/ Exploiting the Chrome XSS Auditor http://blog.portswigger.net/2015/08/abusing-chromes-xss-auditor-to-steal.html Anothe…
    - 11 days ago Monday, August 17, 2015 -
  • Episode 164 - Why We Can't Have Nice Things
    This week's show notes: Vegas: BlackHat Day 1 Car Hacking BlackHat Day 2 Defcon Roundup @sawaba's BSides Talk Washington Post's Article on l0pht; Oracle's CSO makes a questionable publishing decision. Where you can find us: @SFSPodcast @jsokoly @steved…
    - 11 days ago Monday, August 17, 2015 -
  • DtSR Episode 156 - Leadership Defined Measured and Discussed
    In this episode... We discuss the ever-growing need for strong leadership in security; I ask whether experience and longevity in a position naturally brings leadership qualities; We talk through how leadership interplays with other competencies; Michael…
    - 12 days ago Monday, August 17, 2015 -
  • ISC StormCast for Monday, August 17th 2015
    Adwind https://isc.sans.edu/diary/Adwind+another+payload+for+botnetbased+malspam/20041/ Hunting https://isc.sans.edu/forums/diary/Are+you+a+Hunter/20045/ Kaspersky Accused of Manufacturing False Positives http://www.theregister.co.uk/2015/08/14/kaspersk…
    - 12 days ago Sunday, August 16, 2015 -
  • ISC StormCast for Friday, August 14th 2015
    Symantec Endpoint Manager Issues With Latest Microsoft Patch; Apple Patches https://support.apple.com/en-us/HT201222 Cisco Advisory About iOS Firmware Attacks http://tools.cisco.com/security/center/viewAlert.x?alertId=40411 Google Stagefright Patch Incomp…
    - 15 days ago Thursday, August 13, 2015 -
  • Risky Business #378 -- Mary Ann Davidson vs Krebs and Dowd
    On this week's show we're chatting with Mark Dowd and Brian Krebs about Oracle CSO Mary Ann Davidson's somewhat odd blog post from earlier this week. In the post she laid into security researchers for violating Oracle's EULA when reverse engineering…
    - 16 days ago Thursday, August 13, 2015 -
  • ISC StormCast for Thursday, August 13th 2015
    Enumerating Windows Service Accounts https://isc.sans.edu/forums/diary/Windows+Service+Accounts+Why+Theyre+Evil+and+Why+Pentesters+Love+them/20029/ Apple App Store Stored XSS Vulnerability https://isc.sans.edu/forums/diary/Yes+Virginia+Stored+XSSs+Do+E…
    - 16 days ago Wednesday, August 12, 2015 -
  • Chet Chat 211 - Aug 12, 2015
    Join Sophos security experts Chester Wisniewski and Paul Ducklin as they tackle the latest security news in our weekly podcast. This time: a password-stealing zero-day in Firefox; a "grab root privilege" hole in Android; a firmware worm for Macs...a…
    - 16 days ago Wednesday, August 12, 2015 -
  • ISC StormCast for Wednesday, August 12th 2015
    Microsoft Patch Tuesday https://isc.sans.edu/forums/diary/August+2015+Microsoft+Patch+Tuesday/20023/ Adobe Flash Player Update https://isc.sans.edu/forums/diary/More+patch+tuesday+adobe+released+security+update+for+adobe+flash+player/20025/ Oracle CISO…
    - 17 days ago Tuesday, August 11, 2015 -
  • ISC StormCast for Tuesday, August 11th 2015
    .com.com domain used in typo squatting fake virus scams https://isc.sans.edu/forums/diary/COMCOM+Used+For+Malicious+Typo+Squatting/20019/ Facebook User Enumeration Via Phone Number https://www.linkedin.com/pulse/facebook-users-make-sure-your-mobile-phon…
    - 18 days ago Monday, August 10, 2015 -
  • DtSR Episode 155 - NewsCast for Aug 10th, 2015
    In this episode... The Belgian government's internal phishing test has "gone off the rails" a bit; Used a legitimate entity to test against; Panic and hilarity ensued, but mostly panic http://www.networkworld.com/article/2951514/security/belgian-govern…
    - 19 days ago Monday, August 10, 2015 -
  • ISC StormCast for Monday, August 10th 2015
    Firefox Update https://blog.mozilla.org/security/2015/08/06/firefox-exploit-found-in-the-wild/ Ubiquiti Breach http://www.sec.gov/Archives/edgar/data/1511737/000157104915006288/t1501817_8k.htm Injecting Malicious Upgrades with WSUS https://www.blackhat…
    - 19 days ago Sunday, August 9, 2015 -
  • Chet Chat 210.5 - Aug 7, 2015
    Sophos expert Chester Wisniewski is in Las Vegas this week, at the Black Hat 2015 conference. Paul Ducklin caught up with Chester on the Sophos booth to get his impressions. Oh, and Duck asked Chet how many Apple Watches he'd spotted...listen at 8'35…
    - 22 days ago Friday, August 7, 2015 -
  • ISC StormCast for Friday, August 7th 2015
    Sigcheck and Virustotal-search https://isc.sans.edu/forums/diary/Sigcheck+and+virustotalsearch/20009/ Tesla S Hack http://www.wired.com/2015/08/researchers-hacked-model-s-teslas-already/ Hacking Garage Door Openers http://arstechnica.com/security/2015/…
    - 22 days ago Thursday, August 6, 2015 -
  • Risky Business #377 -- Wassenaar back to drawing board, latest from BlackHat
    On this week's show we discuss the BIS decision to ditch its car-a-zay plans for Wassenaar regulation, the latest car hacking news and more. We also check in with Trey Ford in this week's feature slot. Trey was the General Manager of the BlackHat con…
    - 23 days ago Thursday, August 6, 2015 -
  • ISC StormCast for Thursday, August 6th 2015
    Nuclear Exploit Kit Traffic Patterns https://isc.sans.edu/forums/diary/Nuclear+EK+traffic+patterns+in+August+2015/20001/ ICANN Breach https://www.icann.org/news/announcement-2015-08-05-en Android Moving to Monthly Updates http://officialandroid.blogspo…
    - 23 days ago Wednesday, August 5, 2015 -
  • Chet Chat 210 - Aug 5, 2015
    Join Sophos experts John Shier and Paul Ducklin for the latest episode of our award-winning security podcast. This week: Windows 10 updating, Tor's trustworthiness, Xen bugfix, BIND server problems, and get free stuff at booth 452 at #BHUSA.
    - 23 days ago Wednesday, August 5, 2015 -
  • ISC StormCast for Wednesday, August 5th 2015
    https://isc.sans.edu/forums/diary/Whatever+Happened+to+tmUnblockcgi+Moon+Worm/19999/ Yahoo Malvertising https://blog.malwarebytes.org/malvertising-2/2015/08/large-malvertising-campaign-takes-on-yahoo/ HTML5 Battery Status API http://eprint.iacr.org/201…
    - 24 days ago Tuesday, August 4, 2015 -
  • Interview with Wendy Nather
    No full episode this week thanks to Security Summer Camp, but Martin got to sit down and chat with good friend of the podcast Wendy Nather. We'll be back soon!
    - 25 days ago Monday, August 3, 2015 -
  • ISC StormCast for Tuesday, August 4th 2015
    SSH Scanning on Port 8080 https://isc.sans.edu/forums/diary/Your+SSH+Server+On+Port+8080+Is+No+Longer+Hidden+Or+Safe/19995/ Donald Trump Website Defaced http://pastebin.com/QiBeec2L Thunderstrike 2 Apple EFI Vulnerability http://www.wired.com/2015/08/r…
    - 25 days ago Monday, August 3, 2015 -
  • Episode 429: DefCon is Coming!
      Defcon is just around the corner and there is a lot happening in the news. For this special segment, we talk about our plans for Defcon in addition to top stories this week including the self aiming rifle and Windows 10.
    - 25 days ago Monday, August 3, 2015 -
  • DtSR Episode 154 - Enterprise Software Security Reloaded
    In this episode: Raf asks - Why haven’t we solved the same old software security bugs? James asks how a security team gets out of the way and still get better security? We discuss threat modeling, and channel a bit of John Steven; Jeff talks about th…
    - 26 days ago Monday, August 3, 2015 -
  • ISC StormCast for Monday, August 3rd 2015
    Threatstop Sponsors Internet Storm Center Stormcast http://www.threatstop.com/?src=sanspodcast Writing Better Security Policies https://isc.sans.edu/forums/diary/Your+Security+Policy+Is+So+Lame/19991/ http://www.sans.org/security-resources/policies/Fa…
    - 26 days ago Sunday, August 2, 2015 -
  • Episode 428 Stories: Hacking Jeeps and Ashley Madison
      In the news this week Samy joins us to discuss hacking Jeeps remotely and the Ashley Madison data breach. For a full list of stories and links, visit the wiki here.
    - 26 days ago Sunday, August 2, 2015 -
  • Episode 428: Interview with Samy Kamkar
      This week, we interview Samy Kamkar. He is an independent security researcher, best known for creating The MySpace worm, one of the fastest spreading viruses of all time.
    - 26 days ago Sunday, August 2, 2015 -
  • ISC StormCast for Friday, July 31st 2015
    BIND ISC Vulnerability Details https://www.isc.org/blogs/about-cve-2015-5477-an-error-in-handling-tkey-queries-can-cause-named-to-exit-with-a-require-assertion-failure/ Using "R" From the Commandline https://isc.sans.edu/forums/diary/Tech+tip+Invoke+a…
    - 29 days ago Thursday, July 30, 2015 -
  • Chet Chat 209 - July 29, 2015
    Join security experts Chester Wisniewski and John Shier as they discuss and explain the week's computer security news. This week Chet and John talk about Pakistan banning Blackberry servers, Linux's role in the malware ecosystem, Windows 10 privacy…
    - 29 days ago Thursday, July 30, 2015 -
  • Risky Business #376 -- Sniper rifles, bank safes and Android all pwned
    This week we're checking in with Josh Drake of Zimperium. With exploitation of Stagefright via Josh's sweet, sweet exploit you'd think the mother of all worms is coming. Well, probably not. Later versions of Android are tricky to exploit, and the div…
    - 30 days ago Thursday, July 30, 2015 -
  • Hack Naked TV 07-29-15
    The Hack Naked episode for July 29th, 2015 is up! This is the BlackHat/DefCon edition. Some notable talks from both conferences will be mentioned in this episode. Links from this episode: http://tinyurl.com/HNTV-STAGEFRIGHT http://tinyurl.com/HNTV-SA…
    - 30 days ago Wednesday, July 29, 2015 -
  • ISC StormCast for Thursday, July 30th 2015
    Windows 10 Released; Tracking Point Smart Rifle Vulnerability https://threatpost.com/researchers-manipulate-rifles-precision-targeting-system/114028 Keyboard Privacy Extension for Chrome https://chrome.google.com/webstore/detail/keyboard-privacy https:/…
    - 30 days ago Wednesday, July 29, 2015 -
  • ISC StormCast for Wednesday, July 29th 2015
    Javascript ZIP archives used for Malspam https://isc.sans.edu/forums/diary/Malicious+spam+continues+to+serve+zip+archives+of+javascript+files/19973/ Brinks Smart Safe Vulnerability http://www.bishopfox.com/blog/2015/07/on-the-brink-of-a-robbery/ XEN/Qe…
    - 31 days ago Tuesday, July 28, 2015 -
  • ISC StormCast for Tuesday, July 28th 2015
    Angler's Best Friends https://isc.sans.edu/forums/diary/Anglers+best+friends/19959/ Android MMS Media Library Exploit http://blog.zimperium.com/experts-found-a-unicorn-in-the-heart-of-android/ Windows 10 Support for Intel Real Sense https://software.in…
    - 32 days ago Monday, July 27, 2015 -
  • DtSR Episode 153 - NewsCast for July 27th, 2015
    In this episode... "Hackers remotely kill a Jeep!"; Lots to talk about; Basics of segmentation weren't followed, aren't followed; Discussion on software 'fitness' and liability http://www.cato.org/blog/hackers-remotely-kill-jeep Firefox blocks Flash an…
    - 33 days ago Monday, July 27, 2015 -
  • ISC StormCast for Monday, July 27th 2015
    Is Patching in 2 Days Possible? https://isc.sans.edu/forums/diary/Patching+in+2+days+tell+him+hes+dreaming/19957/ NHTSA Orders Fiat/Chrysler Recall of Vulnerable Vehicles http://www-odi.nhtsa.dot.gov/owners/SearchCurrentMonthRecall# New Version of Google…
    - 33 days ago Sunday, July 26, 2015 -
  • Chet Chat 208 - July 23, 2015
    Join Sophos experts John Shier and Paul Ducklin in the latest episode of our thought-provoking security podcast. In this week's quarter-hour: cybercrime (and punishment), crimeware, the infamous Angler exploit kit, and how the Fourth Amendment appli…
    - 36 days ago Friday, July 24, 2015 -
  • ISC StormCast for Friday, July 24th 2015
    Four 0-Days Affecting Internet Explorer Mobile Released https://isc.sans.edu/forums/diary/Some+more+0days+from+ZDI/19953/ Virtual Machine Side Channel Attacks Leak Crypto Keys http://blog.trailofbits.com/2015/07/21/hardware-side-channels-in-the-cloud/ D…
    - 36 days ago Thursday, July 23, 2015 -
  • Risky Business #375 -- Ashley Madison, Jeep hacks drive news agenda
    In this week's feature interview we're chatting with Dave Jorm, our resident North Korea watcher. Some of you might remember Dave, he was on the show a couple of years ago talking about his OSINT satellite data analysis of North Korea and more recent…
    - 37 days ago Thursday, July 23, 2015 -
  • ISC StormCast for Thursday, July 23rd 2015
    Bartalex malspam pushing Pony/Dyre https://isc.sans.edu/forums/diary/Bartalex+malspam+pushing+PonyDyre/19947/ Lottery IT Security Director Riggs Lottery http://www.desmoinesregister.com/story/news/crime-and-courts/2015/07/20/hot-lotto-verdict/30411901…
    - 37 days ago Wednesday, July 22, 2015 -