Archive for May, 2012

Fact Sheet: Air Cargo Shipping Simplified Between Canada and the United States

Air Cargo Shipping Simplified Between Canada and the United States

The United States and Canada Announce Air Cargo Security Improvements

The United States and Canada today announced that both governments have agreed to the mutual recognition of, and cooperation on, air cargo security in both countries. Mr. James D. Nealon, Deputy Chief of Mission at the U.S. Embassy on behalf of Transpo…

Readout of Secretary Napolitano’s Remarks at the Migration Policy Institute

Secretary of Homeland Security Janet Napolitano today delivered remarks at the Migration Policy Institute’s Transatlantic Council on Migration meeting, underscoring the Department of Homeland Security’s (DHS) commitment to combating transnational t…

ICS-CERT & US-CERT have released a Joint Security Awareness Report (JSAR) titled "JSAR-12-151-01 – sKyWIper Flame Malware" (PDF)

This JSAR warns of a new sophisticated information-stealing malware identified as sKyWIper.

ICS-CERT has released an Advisory titled "ICSA-12-138-01 – Emerson DeltaV Multiple Vulnerabilities" (PDF)

This Advisory identifies multiple vulnerabilities in the Emerson DeltaV application. This web release follows the earlier secure portal release.

“… it is not fish they are after.”

“The charm of fishing is that it is the pursuit of what is elusive but attainable, a perpetual series of occasions for hope.” — John Buchan Homeland Security Research Corp. (HSRC) describes itself as “a Washington, DC-based inte…

The Cyber-Tootsie Roll Effect (Or Please Stop Calling Every Cyber Something An Attack)

Imagine for a moment that you got your wallet stolen. It could be from your back pocket in a crowd or your bag hanging on a chair in a busy restaurant. Now, if the police caught the individual responsible, would they be charged with assault? Almost cer…

Flame Malware and SCADA Security: What are the Impacts?

Over the weekend a new super worm exploded onto the cyber security landscape. Known as Flame or sKyWIper, it appears to be targeting sites in the Middle East, just like the Stuxnet and Duqu worms did.

What should be done about the use of modern cyber-sensitive technologies for nuclear plant I&C upgrades

Because of nuclear regulation, nuclear plants can only use established, demonstrated technologies. This resulted in nuclear plants being designed with analog instrumentation and control (I&C) systems. These systems are now obsolete and need to be u…

ICS-CERT has released an Advisory titled "ICSA-12-146-01 – RuggedCom Weak Cryptography for Password Vulnerability" (PDF)

This Advisory details a default backdoor user account with a weak password encryption. This web release follows the earlier secure portal release.