CISA Emergency Directive 19-01

DHS Issues First Emergency Directive 19-01

Source: Cybersecurity and Infrastructure Security Agency DHS issued an Emergency Directive on January 22nd to government agencies in response to reports of compromised registrar and DNS accounts. Background The Cybersecurity and Infrastructure Security Agency (CISA)…

Read More



NERC’s E-ISAC and WaterISAC Launch Collaboration Effort

Source: NERC NERC’s Electricity Information Sharing and Analysis Center (E-ISAC) and the Water Information Sharing and Analysis Center (WaterISAC) launched a new security partnership aimed at enhancing cross-sector coordination and taking advantage of the interdependencies…


US Power Gird Vendors Under Assualt

Source: Rob Barry and Lisa Schwartz of the Wall Street Journal The Wall Street Journal is reporting of a sophisticated phishing campaign targeting the vendors of Power Utilities. The U.S. Department of Homeland Security dispatched…


Eastern Interconnection Frequency Oscillation Observed

Source: USGridSec,01/11/2018 The Midcontinent Independent System Operator (MISO) sent a real time notification on Friday, January 11th of an observed large frequency swings that was picked up on measurement devices across the United States Eastern Interconnection….



Russian Hackers Still Looking At US Power Grid

Source: Wired Two large-scale blackouts in Ukraine caused by Russian cyberattacks in 2015 and 2016 showed just how systems once thought off limits to attackers could be exploited. Grid hacking however takes on many forms though, making…



Advisory (ICSA-18-345-02)

Siemens SINUMERIK Controllers Source: ICS-CERT 1. EXECUTIVE SUMMARY CVSS v3 10.0ATTENTION: Exploitable remotely/low skill level to exploitVendor: SiemensEquipment: SINUMERIK ControllersVulnerabilities: Heap-based Buffer Overflow, Integer Overflow or Wraparound, Protection Mechanism Failure, Permissions, Privileges, and Access Controls, Stack-based Buffer Overflow, Uncaught…