Tag: SCADA

Theo from Die Hard

Die Hard is a Movie About Building Automation Insecurity. Discuss.

In this episode of the Security Ledger Podcast (#126): Die Hard has finally been embraced as the bloody, violent, feel-good Christmas movie its always been. But the film, which turns 30 this year, is about more than the power of ordinary guys to stand up to evil. Did you know it’s also a (very) early warning about the dire insecurity of building automation systems? We speak with Ang Cui of the firm Red Balloon Security about the dire risk of cyber attacks on building automation software and company’s work to secure this often-overlooked critical infrastructure. 

Container ships easy to hack, track, send off course and even sink, security experts say

Modern container ships already face a number of serious perils at sea. Now new research from Pen Test Partners shows just how vulnerable these ships are to new dangers from hacking–including being steered off course and sunk–thanks to their use of always-on satellite communications and general lax security practices on board.

TP-Link WR-841n

Everybody reboot! VPNFilter Malware infects 500k Routers

Newly discovered malicious software dubbed VPNFilter has infected hundreds of thousands of routers and network attached storage (NAS) devices globally and could be used to steal sensitive data or wipe out (“brick”) the devices, the company said. 

Podcast Episode 92: Uncle Sam Ices Tech Acquisitions and RSA Conference 2018

Podcast: Play in new window | Download (Duration: 31:45 — 36.3MB)Subscribe: Android | Email | Google Podcasts | RSSIn this episode of The Security Ledger Podcast (#92): Adam Isles of The Chertoff Group joins us to talk about the growing specter of software supply chain risk the recent trend of the US Government shooting down major tech acquisitions by Chinese firms.  Also: with the RSA Conference * kicking off in San Francisco, we hear from two experts from LookingGlass, this week’s podcast sponsor, about how to make sense of the hot threat intelligence space. 

Pipeline Attacks highlight Third Party Threat to Critical Infrastructure

Recent attacks on the third-party data system of several U.S. pipeline companies highlight the persistent need for better ways to secure industrial control systems (ICSs), particularly when third-party software is in use, security experts said.