Submitted by Heather MacKenzie on Mon, 2015-01-26 06:27
Submitted by Heather MacKenzie on Wed, 2015-01-21 05:38
This blog is the last one from me as a member of the company that manufactures and sells Tofino Security products. Joann Byres (Tofino co-founder and Belden Vice President) and I are retiring from the Tofino Security group at Belden effective January 30, 2015.
Submitted by Heather MacKenzie on Mon, 2013-11-04 21:00
Today I am glad to be writing about a good news story. That story is that Belden's Eric Byres is being awarded the ISA (International Society of Automation) Excellence in Leadership award for his contributions to the automation industry in the area of industrial security.
This award must be particularly exciting for Eric because it is ISA's most prestigious award and is awarded by his peers, that is, members of ISA.
ISA President Terrence G. Ives remarked:
Submitted by Eric Byres on Thu, 2011-09-01 21:00
Today is a big news day for Byres Security Inc. (BSI), as we are announcing that our company has been acquired by Belden Inc.
We (Joann Byres and Eric Byres) are writing this article to let you know what the future has in store for us, and for our company.
What will stay the same?
Byres Security Inc. will run as an independent business unit under Belden, and the Tofino Security brand will remain the same.
BSI will continue: |
Submitted by Eric Byres on Mon, 2010-10-25 11:27
Stuxnet Mitigation Matrix Updated
This is a short note to let you know that we have updated our Stuxnet Mitigation Matrix to version 1.1, based on feedback from our readers.
The new version addresses the need to test and/or confirm all mitigations, including firewalling the Remote Procedure Call (RPC) protocol.
Submitted by Eric Byres on Thu, 2010-10-21 10:49
Our goal with this blog is to provide you with practical information to help you avoid network incidents that disrupt operations.
With this in mind, today we are releasing a Stuxnet Mitigation Matrix that presents easy-to-follow actions to take against Stuxnet.
Stuxnet Mitigation Matrix by Tofino Security is a printable version of the mitigation matrix that includes dynamic links to detailed information on each of the patches and mitigations.
Submitted by Eric Byres on Thu, 2010-10-14 17:18
Last week, Rick Kaun in his blog “[In]security Culture”, blasted the “security vendors” who were claiming that if the ICS/SCADA world used their offering, we would have avoided the whole Stuxnet mess. As Rick very correctly points out, this is complete rubbish - there is no silver bullet for security in general, but in the Stuxnet case it is dangerously inaccurate.
Submitted by Eric Byres on Fri, 2010-10-01 12:26
I have just come back from three very interesting presentations by Symantec, Microsoft and Kaspersky Labs at the Virus Bulletin 2010 conference. For two hours they discussed their latest findings on Stuxnet, the PLC/SCADA-targeting worm of the decade.
Submitted by Eric Byres on Thu, 2010-09-23 10:07
Week after week, the Stuxnet worm continues to amuse and astound all of us that have studied it. Last week it was Ralph Langner’s detailed analysis that showed Stuxnet wasn’t just infecting Windows boxes and stealing data, it was specifically designed to modify PLC logic so it could destroy a physical process. Next it is the amazing number of Windows zero-day vulnerabilities* it exploits to do its dirty work.
Submitted by Eric Byres on Fri, 2010-09-17 09:16
Back in July when Stuxnet first became public, I wrote in our Siemens PCS7 WinCC Malware White Paper and told anyone that would listen that Stuxnet was targeted at stealing intellectual property from process systems. The code we analyzed showed Stuxnet performing SQL database accesses and process information uploading to servers in Denmark and Malaysia, so this seemed like a sure answer.
Submitted by Eric Byres on Wed, 2010-08-11 10:05
If you have been reading the various advisories on the Stuxnet malware, you would be forgiven for thinking that only computers running relatively new versions of the Windows systems are vulnerable to this worm. For example, the Siemens Stuxnet advisory states; “The virus affects operating systems from XP and higher.” Does that mean if I am running Windows 2000 servers I am immune?
Unfortunately, the answer is NO! Based on our testing, all versions of Windows are vulnerable to Stuxnet, regardless of age.
Submitted by Eric Byres on Wed, 2010-08-04 21:00
Over the past half decade I have avoided creating blog on cyber security. After all, there certainly are plenty of blogs out there, and some provide excellent and detailed analysis of the latest news in SCADA security.