Cyber Security: Hackers Find First Post-Retirement Windows XP-Related Vulnerability

Last Saturday, Microsoft told customers that cyber criminals are exploiting an unpatched and critical vulnerability in Internet Explorer using "drive-by" attacks. Read the article here.

Cyber Security: U.K. Cybersecurity Plan Is Voluntary Like U.S. Framework, Has Differences

The cybersecurity scheme the U.K. government plans to launch this summer shares some similarities with the U.S. government's critical infrastructure cybersecurity framework, including being voluntary and aimed at all organizations, regardless of size or sector. Click here to read the article.

Cyber Security: ICS-CERT Vulnerability Summary for Week of April 21

Click the link below to view the summary of cyber security vulnerabilities for the week of April 21 as collected and reported by ICS-CERT.

http://www.us-cert.gov/ncas/bulletins/SB14-118

Cyber Security: Target hackers may take years to find

Secret Service investigators say they are close to gaining a full understanding of the methods hackers used to breach Target's computer systems in December. Read the article here.

Cyber Security: Heartbleed Attack Targets VPN Service

Most of the coverage of the Heartbleed bug has focused on the security problems for websites, but there's another avenue of attack now being exploited by hackers: the Virtual Private Network systems used by many large and small businesses. Click here to read the article.

Cyber Security: Extreme password protection--how hackers keep themselves safe

Want to stay safe on the Internet? It's time to rethink all your passwords. That's what David Kennedy did. He's a security researcher and "ethical hacker," and remembers only one: It unlocks a password vault, an encrypted database that stores dozens of his other passwords. Each one ranges from 30 to 50 characters long. Click here to read more.

Cyber Security: ICS-CERT Vulnerability Summary for Week of April 14

Click the link below to view the summary of cyber security vulnerabilities for the week of April 14 as collected and reported by ICS-CERT.

http://www.us-cert.gov/ncas/bulletins/SB14-111

Cyber Security: The Global Cyber Advisor Newsletter - Mar. 2014 Vol. 30

Welcome to the latest Global Cyber Advisor Newsletter,

We focus on cyber security for the plant….not just the product.

We know a solid cyber program leverages system features, cyber security products/controls/services  and a solid documented cyber program that keeps it all maintained and managed.  With some of the latest news, having a strong program in place can help mitigate and remediate cyber issues and risks within our clients environments.

Continuously Secure:   We continue to prove to the industry that we stay vigilant and help our customers develop their cyber strategies and secure their process environments.      We have staff to help our clients on a global basis to assess, design, implement and manage their cyber posture.     We have developed suites of products with complementary consulting, which are unmatched in the industry.   

This month’s Consultant's Corner article is from Gary Kneeland.  He discusses remote connectivity in SCADA and control systems.
                                                                                            
The Critical Infrastructure and Security Practice has the skills and the resources to help our clients no matter what industry.    We are structured to help with their entire cyber security program.   We have essentially the industry’s largest vendor-based cyber security team that assists our clients secure their entire process environment.    We understand that cyber security extends beyond a single system and our valued clients need assistance and advice in how to secure their entire plant infrastructure.   Cyber security is so much more than product features,  firewalls, and anti-virus software. 
 

If you’ve missed our previous editions, you can find them at this location:   http://iom.invensys.com/EN/Pages/CyberSecurity-Newsletters.aspx

Click here to open the March 2014 newsletter.

Cyber Security: How to protect yourself from Heartbleed

For a list of tips on how to protect yourself from Heartbleed, click here.

Cyber Security: Homeland Security warns about 'Heartbleed' bug

The Department of Homeland Security issued an alert last Friday, putting out a statement regarding the Heartbleed bug that was discovered by cyber security experts early last week. Click here for the article.

Cyber Security: ICS-CERT Vulnerability Summary for Week of April 7

Click the link below to view the summary of cyber security vulnerabilities for the week of April 7 as collected and reported by ICS-CERT.

http://www.us-cert.gov/ncas/bulletins/SB14-104

Cyber Security: 5-year-old boy exposes major security flaw in Xbox

Kristoffer Von Hassel of San Diego, CA may only be 5 years old, but he outsmarted Microsoft Techies by hacking into Xbox's security system. Watch the video here.

Cyber Security: Cyber attacks traced to Russian syndicate

Federal authorities have traced the cyber attack against Neiman Marcus Group to a Russian syndicate believed to be responsible for more than 160 million credit card thefts during the past seven years, Bloomberg reports. Read the article here.

Cyber Security: Cyber attacks hit oil, gas, just as much as retail

Gen. Keith Alexander, director of the National Security Agency and head of the U.S. Cyber Command, says that retailers aren’t the only victims of cyber attacks. He says that energy companies — including the oil and gas industry — were targeted in 41 percent of the malicious software-attack cases reported to the Department of Homeland Security in 2012. Read the article here.

Cyber Security: Windows XP support ends tomorrow

It is estimated that Windows XP is still installed on about a fifth of all the desktop computers on the planet. Thirteen years after its release, technical support for Microsoft's Windows XP operating system will end tomorrow, leaving hundreds of millions of computers vulnerable to hackers and other security threats. Click here to read the article.

Cyber Security: ICS-CERT Vulnerability Summary for Week of March 31

Click the link below to view the summary of cyber security vulnerabilities for the week of March 31 as collected and reported by ICS-CERT.

http://www.us-cert.gov/ncas/bulletins/SB14-097

Cyber Security: 10 simple tips to bank safely online

Click here to read an identity theft expert's safety tips when it comes to banking online.

Cyber Security: Hackers attack home devices

To keep an eye on his child via his smartphone, Marc Gilbert installed Internet-connected video baby monitors in his home in Houston. Read about what happened here.

Cyber Security: U.S. Securities and Exchange Commission examines threat to Wall Street from cyber attacks

The U.S. Securities and Exchange Commission will examine, according to Bloomberg News, the exposure of stock exchanges, brokerages and also other Wall Street firms to cyber
attacks that have been called a threat to financial stability. Read the article here.