Pacific Northwest National Lab (PNNL) released a report “Technology Security Assessment for Capabilities and Applicability in Energy Sector Industrial Control Systems: McAfee Application Control, Change Control and Integrity Control”. The date...
Digital Bond has been doing a lot of generation work lately, and I’ve found myself in plant clothes (safety shoes, hard hat, jeans, cotton shirt) more and more often. There has been a lot of interest in the cyber security of generation plants, and not all of it...
Kaspersky’s analysis found that Flame and Stuxnet had code in common according to an article in TPM. “The code in common was used to install and propagate the malware onto computers from an infected USB stick by causing the victim’s computer to “autorun”...
A client was recently interested in a particular brand of serial port to Ethernet converter. I’ve done my own with socat, and worked professionally on pen-testing an (IMO) excellent secure serial to Ethernet front-end that adds a lot of security and management...
I read the Stuxnet portion of David Sanger’s Confront & Conceal. Stuxnet is actually only a small part of the book, but it is the first sensational story in the Prologue to capture the reader’s attention and most of Chapter 8. I had called the earlier...
The following is guest post courtesy of Ned Moran of the Shadowserver Foundation. This post is a technical analysis of the malware used in a spear phishing attack targeting those interested in ICS security . Dale was kind enough to share a copy of the spear phishing...
First, comments are back up and running on the website. We still are sorting out a few other issues and apologize for the inconvenience. The Hill reports that “President Obama and senior administration officials participated in a simulated cyberattack exercise...
A friend sent me a 24-page Network Security brochure from Siemens dated May 2012 with more detail on Siemens S7 security offerings and overall security strategy (we will add the link when it is up on the Siemens site). We would still like to get more technical detail,...
UPDATE: Added picture of email text Digital Bond recently had a nice little spear phishing attempt, from an email account registered to look like Dale, to a Digital Bond employee. The attack linked to a probably-malicious .zip file based upon an old research...
The NY Times published an enhanced excerpt from David Sangers’ new book Confront and Conceal: Obama’s Secret Wars and Surprising Use of American Power. The long article focuses on the US and Israeli efforts to use Stuxnet to delay the Iranian nuclear...
