DeviceLine Radio: Joe Weiss On Industrial Control System Security

June 25, 2014

My guest today is Joe Weiss, Managing partner at Applied Control Solutions. He is perhaps best known for his work with securing electrical utilities and his testimony on Capital Hill on the danger in not addressing various vulnerabilities facing that industry today. But Joe points out that Industrial Control Systems are everywhere—in our cars, even in our bodies. So the safeguards introduced in one area should apply to all areas. I started the conversation by asking why, in the two years since Dillon Beresford and Luigi Auriemma first poked holes in SCADA systems, we haven't seen more progress on securing those systems.

You can hear the full conversation, along with a recap of this week’s news here.

Or subscribe to DeviceLine Radio on iTunes.

Or read the transcript below.

Read More

More SCADA Vulnerabilities Found

June 24, 2014

On Wednesday, Dillon Beresford of NSS Labs canceled his talk at TakeDownCon in Dallas, Texas, after concerns that bad actors might use his demonstration to cause physical damage to SCADA facilities worldwide. The next speaker at the conference tweeted that he was up next because the SCADA talk had been cancelled, prompting media speculation of government or vendor censorship. In the past, vendors have sued researchers in order to prevent public disclosure.

Read More

Embedded OS Leaks Chinese Passwords

June 24, 2014

The usernames and passwords for more than 10,000 job applicants for positions with China's State Administration of Foreign Experts Affairs are accessible to the outside world at loosely protected or unprotected computer servers operated by the Chinese government, according to a security researcher.

Read More