Supervisory Control and Data Acquisition (SCADA) systems are used for remote monitoring and control in the delivery of essential services products such as electricity, natural gas, water, waste treatment and transportation. They used to be in closed networks, but nowadays more and more automation and control equipment are connected to Internet. Many of them are →
Electrical grid is said to be vulnerable to terrorist attack. I can agree that electrical power distribution network would be quite vulnerable if someone tries to sabotage it and knows what to do. I know this because I design software and hardware for control systems for electrical companies. Some days ago I saw in Finnish →
Any real-world security system is inherently complex. Making them safe and secure is hard. Controlgeek Blog has an interesting pointer and summary on on a very interesting white paper How Complex Systems Fail. I also found his paper, which is only a few pages long, a fascinating read (like John Huntington and Schneier on Security). →
2013 Gartner Magic Quadrant for Enterprise Network Firewalls give a view to current firewall markets: Gartner states, “Advances in threats have driven mainstream firewall demand for next- generation firewall capabilities. Buyers should focus on the quality, not quantity, of the features and the R&D behind them. This market includes mature vendors and new entrants.” Palo →
Understanding Ajax vulnerabilities article is an introduction how to protect the web applications you create with Ajax. Because of its range of functions and ease of use, Ajax is one of the most widely used tools for building web applications today. All applications, including those built using Ajax technologies, are vulnerable to exploits that compromise →
U.S. government warns of hack threat to network gear article tells that The Department of Homeland Security urged computer users on Tuesday to to disable a feature known as Universal Plug and Play or UPnP because new security bugs were initially brought to the attention of the government by computer security company Rapid7. UPnP is →
Year 2013 will be year of cyber security. CNN expects more cyber wars this year. Cybercrime is on the rise, and last year we saw more and more computer virus attacks. Security company Kaspersky Lab warns of more new cyber-threats against enterprises and mobile devices. Cyber security also relates to mobile. Security becomes an increasingly →
I wrote in the beginning of the year a blog article Security trends for 2012 that tried to predict security trends for this year. No the year is near the ends, so here is my aftermath how well my article (based on many sources) predicted this year. So here are my comments on how well →
After the recent incidents is seems that SMS is not very secure second factor for authentication. Australian Telcos Declare SMS Unsafe For Bank Transactions. Telcos declare SMS ‘unsafe’ for bank transactions article tells that the lobby group for Australian telcos has declared that SMS technology should no longer be considered a safe means of verifying →
Mozillla announced that it will soon start prompting Firefox users to upgrade select old plugins. This means that Firefox users who have outdated versions of the most popular plugins will soon see a notification urging them to update when they visit a web page that uses them. Old versions of Silverlight, Adobe Reader and Adobe →