Stuxnet Expert Dismisses NIST Cyber Security Framework, Proposes Alternative

An anonymous reader writes “Ralph Langner, the security expert who deciphered how Stuxnet targeted the Siemens PLCs in Iran’s Natanz nuclear facility, has come up with a cybersecurity framework for industrial control systems (ICS) that he says is a better fit than the U.S. government’s Cyber Security Framework. Langner’s Robust ICS Planning and Evaluation, or RIPE, framework takes a different approach to locking down ICS/SCADA plants than the NIST-led one, focusing on security capabilities rather than risk. He hopes it will help influence the final version of the U.S. government’s framework.”

Original article at Slashdot

The Terrifying Search Engine That Finds Internet-Connected Cameras, Traffic Lights, Medical Devices, Baby Monitors And Power Plants

Marc Gilbert got a horrible surprise from a stranger on his 34th birthday in August. After the celebration had died down, the Houston resident heard an unfamiliar voice coming from his daughter’s room; the person was telling his sleeping 2-year-old, “Wake up, you little slut.” When Gilbert rushed in, he discovered the voice was coming from his baby monitor and that whoever had taken control of it was also able to manipulate the camera. Gilbert immediately unplugged the monitor but not before the hacker had a chance to call him a moron.

Read the full article at Hitb

Replacing passwords and PINs with your heartbeat

We’ve been hearing for a while now that passwords will soon become a thing of the past and, as it seems now, biometric authentication is likely to take their place.

The latest innovation in this field comes from Canadian startup Bionym, whose team created Nymi, a bracelet/wristband containing an ECG (electrocardiogram) sensor that “reads” the unique heartbeat pattern of the wearer and uses it to authenticate into a variety of electronic devices (cars, computers, smartphones, TVs, etc.).

Evil 8: Mobile Security Threats

CSA (Cloud Security Alliance), a non-profit organization with a mission to promote security best practices within cloud computing, has come up with a list of ‘Top Threats to Mobility’ from a cloud-centric viewpoint. These threats, named ‘Evil 8.0’ by CSA, have been listed below. Though these threats are cloud-centric, they are very relevant to all mobile end users and enterprises that are not on the cloud.