Submitted by Frank Williams on Wed, 2012-01-11 15:43
Today is the day that Tofino Security is announcing that I have joined their team. I am very excited about this, particularly because I believe that industrial cyber security is the next major impactful technology to hit the automation industries.
I am also excited to be joining Eric and Joann Byres and their group; people I have high regard for, as I believe Tofino Security technology is poised to lead the way in protecting the critical infrastructure industries.
Submitted by Eric Byres on Mon, 2011-04-18 11:08
Submitted by Joel Langill on Fri, 2011-03-25 10:10
Submitted by Joel Langill on Wed, 2011-03-23 16:23
One of the unfortunate facts about security is that if you can find one vulnerability, you can usually find lots more. Vulnerabilities are not just bad luck – they are caused by a poor Software Security Assurance (SSA) process (or a complete lack of one). Next in line for blame are experienced professionals who do little in terms of security assessments prior to commissioning systems in actual production facilities.
Submitted by Eric Byres on Wed, 2011-03-23 10:17
Selling the concept of security for SCADA and ICS might still be struggling, but publishing vulnerabilities for SCADA and ICS equipment seems to be a growth industry.
Thirty-Four SCADA Product Vulnerabilities
On Monday an Italian “Security Researcher” published a raft of vulnerabilities (34 in all) against four SCADA products. Below are the affected products with links to the US-CERT announcements: