An Italian researcher well known for his exploration of industrial control systems (ICS) has demonstrated the exploitation of a zero-day flaw that can crash or lead to a compromise of Web-based SCADA software that is used in nearly 40 countries all over the world.
"How long can we afford having critical infrastructures that use unpatched SCADA systems?" the EU’s cyber security Agency ENISA asks, and advises EU Member States to proactively deploy patch management to enhance the security of SCADA systems.
Global Information Assurance Certification (GIAC), a leading provider of cyber security certifications and an affiliate of the SANS Institute, announced the release of the new Global Industrial Cyber Security Professional (GICSP) certification exam.
The EU’s cyber security agency ENISA has provided a new manual for better mitigating attacks on Industrial Control Systems (ICS), supporting vital industrial processes primarily in the area of critical information infrastructure (such as the energy and chemical transportation industries) where sufficient knowledge is often lacking.
Stuxnet, the malware that rocked the security world and the first recorded cyber weapon, has an older and more complex “sibling” that was also aimed at disrupting the functioning of Iran's uranium enrichment facility at Natanz, but whose modus operandi was different.