SCADA

Pierluigi Paganini June 23, 2014
Impact of Windows XP End of life on Critical Infrastructure

Which is the impact of the Windows XP End of Life on the critical infrastructure? Which are the risks and the mitigation strategies that could be adopted? This week I had the pleasure and the honor to participate as a speaker for a seminar at Rome Security Summit 2014, the theme of the event was “Impact […]

Pierluigi Paganini June 10, 2014
ICS-CERT warns of possible hack of road signs controlled by Daktronics Vanguard software

ICS-CERT issued an alert for the presence of a hardcoded password flaw in Daktronics Vanguard highway dynamic message sign (DMS) configuration software. Security experts have discovered a new flaw in Daktronics’ Vanguard software which could be remotely exploited by hackers to hack electronic road signs. A week ago, it was reported that Daktronics’ Vanguard dynamic highway message sign (DMS) configuration […]

Pierluigi Paganini June 09, 2014
ICS-CERT warns on the rise in attacks on online ICS

A reading of the data issued by the ISC-CERT in its Monthly Monitor (ICS-MM201404) on the attacks against ICS (industrial control systems) exposed on line. Do you have exposed your Industrial control system (ICS) on the Internet? “If ICS is connected to the Internet, it comes with an almost 100% guarantee of its being hacked on […]

Pierluigi Paganini May 26, 2014
Critical Infrastructure, hackers targeted public utility SCADA

Cyber attacks could pose a potentially huge risk to US critical infrastructure, state-sponsored hackers and cyber criminals are increasing their activity. Governments are even more alarmed by the possibility of cyber attacks against critical infrastructure, hackers could pose a potentially huge risk to the helpless population. In a recent US Government exercise, a team of hackers […]

Pierluigi Paganini May 01, 2014
Hacking Traffic lights and other control systems is not so hard

Security experts Cesar Cerrudo conducted a study on the security of components within control traffic lights and similar electronic systems. The hacking of control systems for traffic lights or cyber grids is a prerogative of sci-fi series and movies, hackers could be able to target them causing serious problems. Cesar Cerrudo, CTO at IOActive, has conducted a study to investigate […]

Pierluigi Paganini April 21, 2014
Critical Infrastructure security, is it possible a shared regulatory?

Reflession on the necessity to adopt a shared regulatory for the security of critical infrastructure. Eugene Kaspersky point of view on the topic. Security of critical infrastructure is a critical urgency of any government, the NIST announced the Framework for Improving Critical Infrastructure Security, a document that proposed cybersecurity standards and practices to build out a security program. The cybersecurity […]

Pierluigi Paganini March 18, 2014
Darpa is looking for experts from private sector for future cyber ops

Darpa is scouting the private companies to recruit high skilled professional and use company infrastructure to protect classified information. The Pentagon is searching cyber experts to address the growing shortage of highly professional in the field, the US Government is making scouting for expert hackers in the private sector. The control of the cyberspace and the […]

Pierluigi Paganini March 16, 2014
Nearly 7600 critical infrastructure vulnerable to bugs in Yokogawa App

Security experts at Rapid7 firm have public disclosed a series of flaws affecting several thousands of critical infrastructure using Yokogawa software. Several thousands of critical infrastructure may still be vulnerable to SCADA flaws public disclosed this week. It has been estimated that more than 7,600 different chemicals, power and petrochemical plants are affected by the bugs disclosed […]

Pierluigi Paganini March 13, 2014
Is the Agent.btz malware the link between Snake and Red October?

The agent.btz malware may have served as starting point for malware Turla and the malicious code used in the Red October campaign. In the last weeks we have discussed about the Snake platform used in a large-scale cyber espionage campaign that targeted highly secured systems belonging to Governments and Military all over the world. Experts […]

Pierluigi Paganini March 08, 2014
SNAKE – The last cyber espionage campaign on a large scale

BAE Systems Applied Intelligence has disclosed a Russian cyber espionage campaign codenamed as SNAKE that targeted Governments and Military Networks. The British cyber specialist BAE Systems Applied Intelligence has disclosed a Russian cyber espionage campaign codenamed as SNAKE that remained undetected for a log time, at least for eight years. The malware can infiltrate Windows XP, Vista, 7 […]