NERC-CIP Stuff - Alexa, can you tell me when my grid is hacked?
https://www.amperesec.com/blog/alexa-can-you-tell-me-when-my-gird-is-hacked
Within the next 2-3 years, if you are a NERC Registered Entity with high impact or medium impact with ERC BES cyber systems, you will need to baseline your network traffic for all applicable cyber assets inside the ESP and look for anomalies beyond the traditional anti-malware and port-restriction controls already in place as part of the existing CIP standards. Examples of anomalies could be, among other things, accounts used in ways they shouldn’t be or new unexpected devices on the network or sending legitimate commands to control systems in ways that could stop or degrade the system. Further, you will need to record/log the traffic information and protect that information from misuse.
RIP Perimeter Security: Critical Infrastructure Breaches Demand New Approach
https://securityboulevard.com/2023/01/rip-perimeter-security-critical-infrastructure-breaches-demand-new-approach/
Race to zero: Can California’s power grid handle a 15-fold increase in electric cars?
https://calmatters.org/environment/2023/01/california-electric-cars-grid/
EVs Are Essential Grid-Scale Storage
https://spectrum.ieee.org/electric-vehicle-grid-storage
Russia’s Sandworm hackers blamed in fresh Ukraine malware attack
https://cyberscoop.com/sandworm-wiper-ukraine-russia-military-intel/
National Security Agency | Cybersecurity Information Sheet | IPv6 Security Guidance
https://media.defense.gov/2023/Jan/18/2003145994/-1/-1/0/CSI_IPV6_SECURITY_GUIDANCE.PDF
Trained developers get rid of more vulnerabilities than code scanning tools
https://www.helpnetsecurity.com/2023/01/23/trained-developers-code-scanning-tools/
Microsoft will stop selling Windows 10 on January 31, but workarounds remain
https://arstechnica.com/gadgets/2023/01/microsoft-will-stop-selling-windows-10-on-january-31st-but-workarounds-remain/
NIST working on ‘potential significant updates’ to cybersecurity framework
https://fedscoop.com/nist-working-on-potential-significant-updates-to-cybersecurity-framework/
The Concept Paper - NIST Cybersecurity Framework 2.0 Concept Paper: Potential Significant Updates to the Cybersecurity Framework
https://www.nist.gov/system/files/documents/2023/01/19/CSF_2.0_Concept_Paper_01-18-23.pdf
New Open Source OT Security Tool Helps Address Impact of Upcoming Microsoft Patch
https://www.securityweek.com/new-open-source-ot-security-tool-helps-address-impact-of-upcoming-microsoft-patch/
Why are so many tech companies laying people off right now?
https://www.theverge.com/2023/1/26/23571659/tech-layoffs-facebook-google-amazon
Kevin Mitnick Hacked California Law in 1983
https://www.schneier.com/blog/archives/2023/01/kevin-mitnick-hacked-california-law-in-1983.html
Google Is Screwed, Even If It Wins Its Antitrust Case
https://gizmodo.com/google-bing-microsoft-chatgpt-ai-antitrust-doj-screwed-1850029781
Two Supreme Court Cases That Could Break the Internet
https://www.newyorker.com/news/q-and-a/two-supreme-court-cases-that-could-break-the-internet
Hackers abuse legitimate remote monitoring and management tools in attacks
https://www.csoonline.com/article/3686610/hackers-abuse-legitimate-remote-monitoring-and-management-tools-in-attacks.html#tk.rss_all
No comments:
Post a Comment