Archive for September, 2012

Finding “common taste and fellowship”

On a rainy Saturday morning in the midst of truly treacherous days and the choreographed contentiousness of an election, I found the following a helpful encouragement.  In my own experience it is accurate over the long term: Now it appears to me that …

ICS-CERT has released an Advisory titled "ICSA-12-265-01 – Emerson DeltaV Buffer Overflow" (PDF)

This Advisory identifies a buffer-overflow vulnerability in the Emerson DeltaV application.

ICS-CERT has released a JSAR titled "JSAR-12-241-01A – Shamoon-DistTrack Malware" (PDF)

This JSAR identifies W32.DistTrack, also known as "Shamoon," is an information-stealing malware that also includes a destructive module.

ICS-CERT has released a JSAR titled "JSAR-12-241-01A – Shamoon-DistTrack Malware" (PDF)

This JSAR identifies W32.DistTrack, also known as "Shamoon," is an information-stealing malware that also includes a destructive module.

ICS-CERT has released an Advisory titled "ICSA-12-271-02 – Optimalog Optima PLC Multiple Vulnerabilities" (PDF)

This Advisory identifies a NULL Pointer Dereference and an Infinite Loop and released proof-of-concept (exploit) code for Optimalog's Optima PLC application.

Remembering our mission

I am in New York for a few days.  I arrived Wednesday for private sector meetings on supply chain resilience, catastrophe preparedness, and related. The city is packed for the opening of the United Nations. When I checked in the guy in front of me ask…

Government and the cyber-domain; or command-and-control encounters complexity

There is considerable expectation that an Executive Order will soon try to pick up the pieces from a failed effort at cybersecurity legislation.  You can read more at CNET, Wall Street Journal, or The Hill (for three very different angles on reality)….

What hath the NERC CIPs wrought?

A peaking plant may see little use until it is REALLY needed, and at that point it must run in a prescribed period of time. Depending on whether the peaker is on Automatic Generator Control (AGC) or other form of dispatch, it will be required to be ava…

What hath the NERC CIPs wrought?

A peaking plant may see little use until it is REALLY needed and at that point it must run in a prescribed period of time. Depending on whether the peaker is on Automatic Generator Control (AGC) or other form of dispatch, it will be required to be avai…

Growing more homeland security ideas

On September 21st, the Naval Postgraduate School’s Center for Homeland Defense and Security graduated its 39th and 40th master’s degree class. To suggest the ideas explored by those graduates, here are the titles of their theses. Most of the theses…