Submitted by Eric Byres on Thu, 2012-12-20 21:00
One of the pleasures of the Holiday Season is the opportunity to say "thank you" for being part of our SCADA security community over the last year. We very much appreciate your readership and the stimulating dialogue that results from it.
The team at Tofino Security sends you and your family warm thoughts and best wishes for a wonderful Holiday, and a very Happy New Year.
Submitted by Eric Byres on Thu, 2011-12-22 11:04
The team at Tofino Security wishes you a very happy holiday season and a New Year filled with peace and prosperity.
Our next blog article will be published the week of Jan 2nd.
Have a safe, fun and happy holiday!
Submitted by Eric Byres on Thu, 2011-09-01 21:00
Today is a big news day for Byres Security Inc. (BSI), as we are announcing that our company has been acquired by Belden Inc.
We (Joann Byres and Eric Byres) are writing this article to let you know what the future has in store for us, and for our company.
What will stay the same?
Byres Security Inc. will run as an independent business unit under Belden, and the Tofino Security brand will remain the same.
BSI will continue: |
Submitted by Eric Byres on Mon, 2010-11-08 09:35
One of the three pathways Stuxnet uses to infect other computers is via the Local Area Network communications inside the control system (the other two are via infected USB drives and via infected Siemens project files).
This blog post addresses how to restrict network-driven infections using the Tofino Industrial Security Solution as the example product for mitigation. Tofino is our own product, so you know where my bias is. However, no matter what technology is deployed, the concepts I will talk about are the same.
Submitted by Eric Byres on Mon, 2010-10-25 11:27
Stuxnet Mitigation Matrix Updated
This is a short note to let you know that we have updated our Stuxnet Mitigation Matrix to version 1.1, based on feedback from our readers.
The new version addresses the need to test and/or confirm all mitigations, including firewalling the Remote Procedure Call (RPC) protocol.
Submitted by Eric Byres on Thu, 2010-10-21 10:49
Our goal with this blog is to provide you with practical information to help you avoid network incidents that disrupt operations.
With this in mind, today we are releasing a Stuxnet Mitigation Matrix that presents easy-to-follow actions to take against Stuxnet.
Stuxnet Mitigation Matrix by Tofino Security is a printable version of the mitigation matrix that includes dynamic links to detailed information on each of the patches and mitigations.
Submitted by Eric Byres on Thu, 2010-10-14 17:18
Last week, Rick Kaun in his blog “[In]security Culture”, blasted the “security vendors” who were claiming that if the ICS/SCADA world used their offering, we would have avoided the whole Stuxnet mess. As Rick very correctly points out, this is complete rubbish - there is no silver bullet for security in general, but in the Stuxnet case it is dangerously inaccurate.
Submitted by Scott Howard on Thu, 2010-08-26 11:02
Last week I wrote about a malicious attack on an industrial control system (ICS) initiated by outsiders. This week I'll discuss a PLC accident caused by an insider, and suggest some possible solutions for both of these incidents.
