2.4 ICS Security Trend All in all, with IT and OT converging at a rapid pace, ICSs will be exposed to more threats that are evolving faster and faster. The threat evolution is reflected in the following aspects: (mais…)
Ano: 2020
ICS Information Security Assurance Framework 10
2.3.2 ICS Vulnerability Trend As industrial control has been delving deeper in recent years, more and more ICS vulnerabilities are discovered by researchers. As vulnerabilities publicly available are only a small portion of those hidden in ICSs, the possibility of ICS vulnerabilities being stashed as potential cyber weapons cannot be...
ICS Information Security Assurance Framework 9
2.3 Vulnerabilities in ICS Assets Most ICS security mechanisms are short of authentication, encryption, and audits, and therefore such ICS assets are rather vulnerable. When connecting to the Internet, ICSs are susceptible to external probes or identification via special fields included in information returned through public or private communication protocols,...
Microsoft Security Update for January 2020 Fixes 49 Security Vulnerabilities
Overview Microsoft released the January security update on Tuesday, fixing 49 security issues ranging from simple spoofing attacks to remote code execution, discovered in products like .NET Framework, Apps, ASP.NET, Common Log File System Driver, Microsoft Dynamics, Microsoft Graphics Component, Microsoft Office, Microsoft Scripting Engine, Microsoft Windows, Microsoft Windows Search...
Adobe Security Bulletins for January 2020 Security Updates Security Alert
Overview On January 14, local time, Adobe officially released the January security update, which fixed multiple vulnerabilities in various Adobe products, including Adobe Experience Manager and Adobe Illustrator CC. Official notification address: https://helpx.adobe.com/security.html (mais…)
Weblogic WLS Component IIOP Protocol Remote Code Execution Vulnerability (CVE-2020-2551) Security Alert
Overview In January 2020, the critical patch update announcement CPU (Critical Patch Update) officially released by Oracle, a remote code execution vulnerability (CVE-2020-2551) in the IIOP protocol of Weblogic WLS component was announced. (mais…)
