infrastructure – Page 3 – SSL and internet security news

Using Disinformation to Cause a Blackout

August 18, 2020 infossl

academicpapers, disinformation, infrastructure, Security technology, socialmedia

Interesting paper: “How weaponizing disinformation can bring down a city’s power grid“: Abstract: Social media has made it possible to manipulate the masses via disinformation and fake news at an unprecedented scale. This is particularly alarming from a security perspective, as humans have proven to be one of the weakest links when protecting critical infrastructure … Read More “Using Disinformation to Cause a Blackout” »

Work-from-Home Security Advice

March 19, 2020 infossl

covid19, epidemiology, infrastructure, Security technology, securityawareness, vpn, vulnerabilities

SANS has made freely available its “Work-from-Home Awareness Kit.” When I think about how COVID-19’s security measures are affecting organizational networks, I see several interrelated problems: One, employees are working from their home networks and sometimes from their home computers. These systems are more likely to be out of date, unpatched, and unprotected. They are … Read More “Work-from-Home Security Advice” »

Iranian Attacks on Industrial Control Systems

December 17, 2019 infossl

hacking, ics, infrastructure, iran, passwords, scada, Security technology, threatalerts

New details: At the CyberwarCon conference in Arlington, Virginia, on Thursday, Microsoft security researcher Ned Moran plans to present new findings from the company’s threat intelligence group that show a shift in the activity of the Iranian hacker group APT33, also known by the names Holmium, Refined Kitten, or Elfin. Microsoft has watched the group … Read More “Iranian Attacks on Industrial Control Systems” »

ICT Supply-Chain Security

October 29, 2019 infossl

infrastructure, nationalsecuritypolicy, Security technology, securityengineering, supplychain

The Carnegie Endowment for Peace published a comprehensive report on ICT (information and communication technologies) supply-chain security and integrity. It’s a good read, but nothing that those who are following this issue don’t already know. Powered by WPeMatico

On Chinese “Spy Trains”

September 26, 2019 infossl

china, espionage, essays, infrastructure, nationalsecuritypolicy, privacy, Security technology, surveillance

The trade war with China has reached a new industry: subway cars. Congress is considering legislation that would prevent the world’s largest train maker, the Chinese-owned CRRC Corporation, from competing on new contracts in the United States. Part of the reasoning behind this legislation is economic, and stems from worries about Chinese industries undercutting the … Read More “On Chinese “Spy Trains”” »

Maciej Cegłowski on Privacy in the Information Age

June 19, 2019 infossl

control, infrastructure, privacy, Security technology, surveillance

Maciej Cegłowski has a really good essay explaining how to think about privacy today: For the purposes of this essay, I’ll call it “ambient privacy” — the understanding that there is value in having our everyday interactions with one another remain outside the reach of monitoring, and that the small details of our daily lives … Read More “Maciej Cegłowski on Privacy in the Information Age” »

The Human Cost of Cyberattacks

June 1, 2019 infossl

cyberattack, infrastructure, malware, reports, Security technology

The International Committee of the Red Cross has just published a report: “The Potential Human Cost of Cyber-Operations.” It’s the result of an “ICRC Expert Meeting” from last year, but was published this week. Here’s a shorter blog post if you don’t want to read the whole thing. And commentary by one of the authors. … Read More “The Human Cost of Cyberattacks” »

Visiting the NSA

May 22, 2019 infossl

china, cybersecurity, fisa, infrastructure, machinelearning, nationalsecuritypolicy, nsa, privacy, russia, Security technology

Yesterday, I visited the NSA. It was Cyber Command’s birthday, but that’s not why I was there. I visited as part of the Berklett Cybersecurity Project, run out of the Berkman Klein Center and funded by the Hewlett Foundation. (BERKman hewLETT — get it? We have a web page, but it’s badly out of date.) … Read More “Visiting the NSA” »

A “Department of Cybersecurity”

April 17, 2019 infossl

cybersecurity, infrastructure, internetofthings, nationalsecuritypolicy, Security technology

Presidential candidate John Delaney has announced a plan to create a Department of Cybersecurity. I have long been in favor of a new federal agency to deal with Internet — and especially Internet of Things — security. The devil is in the details, of course, and it’s really easy to get this wrong. In Click … Read More “A “Department of Cybersecurity”” »

More on the Triton Malware

April 16, 2019 infossl

attribution, cybersecurity, infrastructure, malware, Security technology

FireEye is releasing much more information about the Triton malware that attacks critical infrastructure. It has been discovered in more places. This is also a good — but older — article on Triton. We don’t know who wrote it. Initial speculation was Iran; more recent speculation is Russia. Both are still speculations. Fireeye report. BoingBoing … Read More “More on the Triton Malware” »