Sunday, June 23, 2013

Leaked documents expose massive UK spying operation involving 200 fiber optic cables

Once considered a secure alternative to traditional cupper lines the use of fiber has not stopped the GCHQ (the U.K. version of the NSA in the U.S.) to eavesdrop on communications that traveled across these major data pipelines. This is just another uncovering of a major privacy violation in the "free world" which has been pointing to other countries for their rather open practice of eavesdropping on Internet communication.

Read More:
Washington Post about Guardian article

1SSA - Security Consulting, Training and Products

Saturday, June 22, 2013

Tridium vulnerability throws building controls wide open to hackers

Only recently, over the last 3-4 years, the ties between physical and IT security have been understood and yet most organizations keep them separate, resulting in disconnects and potential attacks slipping through the cracks. Since more and more physical security systems use IT for communication they are becoming now targets for hackers. Latest victim being Honeywell’s Tridium Niagara Framework which is built around TCP/IP and meant to provide web-based management for building assets.

Read more:
Tridium vulnerability throws building controls wide open to hackers

1SSA - Security Consulting, Training and Products

FDA Safety Communication: Cybersecurity for Medical Devices and Hospital Networks

The FDA issued a safety recommendation to the medical community, advising about cyber security issues with medical devices. Medical devices are more and more becoming Internet/Network enabled, allowing for traditional cyber security threats to execute on those rather immature (from a security perspective) devices.

FDA Safety Communication

1SSA - Security Consulting, Training and Products