Tuesday, November 27, 2012

Cyber Security: ICS-CERT Vulnerability Summary for Week of November 19

Click the link below to view the summary of cyber security vulnerabilities for the week of November 19 as collected and reported by ICS-CERT.

http://www.us-cert.gov/cas/bulletins/SB12-331.html


Cyber Security: The importance of updating your browser

Almost 25% of browsers currently in use are out of date. Read why it's important to keep your browser patched to the latest version.

Out-of-date, vulnerable browsers put users at risk

Monday, November 26, 2012

Cyber Security: ICS-CERT Vulnerability Summary for Week of November 12

Click the link below to view the summary of cyber security vulnerabilities for the week of November 12 as collected and reported by ICS-CERT.

http://www.us-cert.gov/cas/bulletins/SB12-324.html

Thursday, November 22, 2012

Thursday, November 15, 2012

Cyber Security: The phish are always biting

Although the uptimes of phishing attacks have decreased slightly, hackers are hosting more and more phishing websites.

Phishing websites proliferate at record speed

Tuesday, November 13, 2012

Cyber Security: Has your HPI vendor addressed cyber security?

Read how HPI companies are addressing cyber security at their operating facilities.

http://www.hydrocarbonprocessing.com/IssueArticle/3110153/Archive/Industry-Perspectives.html

“Cyber security solutions are most effective when the supplier and user share responsibility. Users should seek a vendor who not only helps them implement various degrees of control network protection and fully manage their security functionality 24/7, but one that actively works with government entities, like the DOE Energy Roadmap, industry-specific programs, like NERC, Critical Infrastructure Protection (CIP), and other standards bodies, such as the International Society of Automation (ISA,) to develop new standards. This level of involvement allows the vendor to validate and adopt advanced cyber-security techniques and solutions that keep the user more secure, but more importantly, more vigilant.”

—Doug Clifton, Director, Critical Infrastructure and Security Practice, Invensys Operations Management


Cyber Security: Low cost wireless security breach - Jawbreaker

Jawbreaker, a "software-defined radio," could give hackers of all skill levels a chance to hone their skills.

HackRF Jawbreaker Could Bring Low-Cost Wireless Hacking to the Masses

Monday, November 12, 2012

Cyber Security: ICS-CERT Vulnerability Summary for Week of November 5

Click the link below to view the summary of cyber security vulnerabilities for the week of November 5 as collected and reported by ICS-CERT.

http://www.us-cert.gov/cas/bulletins/SB12-317.html

Tuesday, November 6, 2012

Cyber Security: ICS-CERT Vulnerability Summary for Week of October 29

Click the link below to view the summary of cyber security vulnerabilities for the week of October 29 as collected and reported by ICS-CERT.

http://www.us-cert.gov/cas/bulletins/SB12-310.html




Cyber Security: History repeats itself - will we ever learn?

Early cyber events in the late 1990s perpetuated a security revolution, but as new technologies emerge, we find ourselves back where we started.



Friday, November 2, 2012

Cyber Security Advisor Newsetter - October 2012 vol 13


This month, with the rising popularity of Social Media, we thought it was appropriate to discuss some NEW attack vectors out there. Also, don't forget our Consultant's Corner. Steve Batson, Principal Consultant-Critical Infrastructure & Security Practice, talks about Cyber Security and staying ahead of the curve in the Nuclear industry.

As we continue our efforts to educate  on the need to address cyber security, the details that rise to the top are consistent. All successful Security Solutions are part of an overall program that addresses who will manage, maintain and upgrade the solution for its life time.   We find too many firewalls installed that no one has looked at since it was installed or so many holes are punched through it, you might as well not have it in place. The message is, consider what the needs are, develop a program, THEN determine the technical controls.  I know the geek in all of us makes us want to jump to the technology first.



Click here for this months newsleter

Thursday, November 1, 2012