Keep Your Plants On

4 Online Scanning Methods That Won’t Take Your Plants Down

It’s hard to believe it’s already been a week since I presented at S4x19 on assessment tools for ICS environments. After a brief introduction weighing the risks posed by traditional online tools versus the risk of doing nothing, I walked through four online scanning techniques that offer low-impact, high-value results. I know these can[...]

The Vulnerability That Keeps On Giving: Seven New Variations of Spectre and Meltdown Discovered

Meltdown and Spectre Overview

On January 8, 2018, Revolutionary Security reported on Meltdown and Spectre, which are kernel-level vulnerabilities impacting the processing of unauthorized local memory. These vulnerabilities take advantage of a CPU feature called “speculative execution,” which is leveraged by the CPU to optimize performance by running tasks that may not actually be required. The[...]

Check Yourself Before You Assess Yourself

7 Questions to Achieve Awareness of the Security Posture of Your Environment

After working as a consultant for several years, I sometimes think back to my days as a SCADA security analyst for an oil and gas company. If I knew then what I know now, how would I have done things differently? If I were responsible for keeping an oil and gas company’s assets, processes, and people safe from cyber[...]

Preventing a Meltdown: Recommendations for the Meltdown / Spectre Vulnerabilities

Meltdown and Spectre Overview

Meltdown and Spectre are kernel vulnerabilities that can result in the loss of system confidentiality through access to unauthorized memory locations on the local system. Meltdown (CVE-2017-5754) affects Intel chips – mostly impacting PCs. Spectre is broader and is based on two separate vulnerabilities (CVE-2017-5753 and CVE-2017-5715) and also impacts AMD and ARM[...]