Collaborate Disseminate
Compromise of safety systems could have resulted in the release of toxic gas or an explosion – causing physical damage to facilities and the loss of life.
Read more in my article on the Hot for Security blog. Continue reading US charges Russian agents over cyber attacks on oil refineries and nuclear power plants
One indictment alleges hacking attempts on industrial control systems, and the other involves a separate spree from 2012-17.
The post DOJ unseals charges against Russians in attempted hacks of infrastructure, including Trisis case appeared first on CyberScoop.
Normal people throw away stuff when it breaks. But not people like us. Or, apparently, [NanoRobotGeek]. A cheap robotic dragonfly died, and he cannibalized it for robot parts. But he kept the gearbox hoping to build a new dragonfly and, using some brass rod, he did just that.
The dragonfly’s …read more
If you want to build hundreds of a thing (and let’s face it, you do) now is a magical time to do it. Scale manufacturing has never been more accessible to the hardware hacker, but that doesn’t mean it’s turn-key with no question marks along the way. The path is there, but it’s not well marked and is only now becoming well-traveled. The great news is that yes, you can get hundreds of a thing manufactured, and Kerry Scharfglass proves that it’s a viable process for the lone-wolf electronics designer. He’s shared tips and tricks of the manufacturing process in …read more
Continue reading Down the Rabbit Hole of Electronics Manufacturing
A few years ago, Eric Byres, a veteran cybersecurity executive, was studying the aftermath of a clever attack on the supply chain. A Russian hacking group known as Dragonfly had in 2013 and 2014 breached the websites of three vendors of software that supported industrial control systems (ICS). The attackers slipped malicious software into legitimate updates hosted on those websites. The planted malware did not affect critical operations for companies, but Byres was troubled by the notion that outsiders could pull this off at all. The attackers made it clear to him that many companies he had worked with lacked an effective way of verifying whether they were using legitimate software worthy of their trust. The problem is that just comparing digital hashes isn’t necessarily enough to mark software as trusted. A hash, as Byres put it, is “a binary answer to a non-binary problem.” A hash either passes or fails, but the task of validating critical software can be more complex. Two years after […]
The post New code-validation project tries to spot the next industrial supply chain attack appeared first on CyberScoop.
Continue reading New code-validation project tries to spot the next industrial supply chain attack
In a hearing with the House Judiciary Committee on Tuesday, Google CEO Sundar Pichai kept saying the company has no plans right now to launch a search product in China. But that response leaves plenty of room to launch when it does want to. Continue reading Google CEO Says No Plan to ‘Launch’ Censored Search Engine in China
Badiucao’s new exhibition compares Google’s censored search engine for China, codenamed Dragonfly, to Donald Trump’s wall. Continue reading A Chinese Dissident Artist Is Taking Aim at Google for Censored Search Engine
Hundreds signed a letter raising concerns about the moral and ethical issues of Google helping China with its censorship. Continue reading Google employees protest work on censored search engine for China
The Chinese version of Google will censor websites like the BBC and Wikipedia. Continue reading Leaked Documents Show Google is Making a Censored Search Engine for China
A government security alert about foreign hackers probing the networks of U.S. energy companies frightened casual observers, but security experts say the report provided little more than an update on relatively well-known activity and behavior. The alert, released late last week by the Department of Homeland Security, mentions evidence of a hacker group — originally identified by U.S. cybersecurity firm Symantec and codenamed “Dragonfly 2.0” — working to compromise the front office networks of industrial firms. This activity is confined to the targeting, and in some cases compromise, of business networks by hackers largely through the deployment of phishing emails and strategic website compromises; also known as watering hole style attacks. FBI & DHS: massive hacking campaign underway attacking American energy, nuclear, water, aviation, construction & manufacturing sectors. — Jose Pagliery (@Jose_Pagliery) October 21, 2017 Though the information offered by the government may be helpful for some cybersecurity professionals, it is far from […]
The post Security researchers call for calm after DHS warns of energy grid hacking appeared first on Cyberscoop.
Continue reading Security researchers call for calm after DHS warns of energy grid hacking