业内信息 工控安全 技术分享

灯塔实验室助力2018年工业信息安全技能大赛西部赛区

7月5日上午,2018年工业信息安全技能大赛开幕赛,西部赛区初赛启动仪式在四川大学望江校区体育馆正式拉开帷幕。

本次大赛由成都市人民政府指导、国家工业信息安全发展研究中心联合成都市经济和信息化委员会共同主办,是目前全国规格最高、规模最大、影响最广的工业信息安全技能赛事,也是2018国家网络安全宣传周的重要活动之一。灯塔实验室作为技术支持团队全程在比赛平台、赛事环境等方面提供了有力支撑和技术保障。

本届技能大赛分为初赛、复赛、决赛三个环节,与去年首届大赛不同的是,今年大赛首次推出赛区制,华北、东北、华东、华中、西部,五大赛区辐射全国。五大赛区选拔出50支队伍后,复赛中他们将同台竞技,展示各自在工业信息安全领域能力积累,争夺入围决赛的十强名额。作为今年度国家网络安全宣传周的前奏,大赛将进一步提高全社会的工业信息安全意识,加大工业信息安全专业人才选拔与培养力度,提高工业信息安全防护水平。

本次西部赛区初赛主要考察了参赛队伍包含工控固件逆向、工控恶意软件分析、工业网络数据分析、工控软件安全分析,以及对硬件(PLC)的信息安全检测评估能力。与此同时灯塔安全威胁感知解决方案也被应用了到比赛现场中,一是对选手比赛的网络行为进行监控,二是作为初赛附加题,通过利用主动防御技术构建了虚拟工业控制系统节点与网络,选手在该网络中展开针对工控系统环境的实战渗透测试,考验参赛选手工控系统安全评估、渗透测试的实战综合能力。

 

比赛最新动态

【关注】2018年工业信息安全技能大赛西部赛区十强诞生!
【关注】2018年工业信息安全技能大赛(东北赛区)开赛
【报名-华东】2018年工业信息安全技能大赛(华东赛区)方案首发
【报名-华中】2018年工业信息安全技能大赛(华中赛区)方案首发
【报名-华北】2018年工业信息安全技能大赛(华北赛区)方案首发

About Z-0ne

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

最新工业控制系统漏洞

ICS-CERT Advisory Feed
ABB Panel Builder 800

This advisory includes mitigation recommendations for an improper input validation vulnerability in the ABB Panel Builder 800.. . . read more Tue, 17 Jul 2018 10:10:45 EDT

WAGO e!DISPLAY Web-Based-Management

This advisory includes mitigation recommendations for cross-site scripting, unrestricted upload of file with dangerous type, and incorrect permissions. . . read more Tue, 17 Jul 2018 10:05:54 EDT

PEPPERL+FUCHS VisuNet RM, VisuNet PC, and Box Thin Client

This advisory includes mitigation recommendations for an improper authentication vulnerability in the PEPPERL+FUCHS VisuNet RM, VisuNet PC, Box Thin C. . . read more Tue, 17 Jul 2018 10:00:37 EDT

Eaton 9000X Drive

This advisory includes mitigation recommendations for a stack-based buffer overflow vulnerability in the Eaton 9000X Drive.. . . read more Thu, 12 Jul 2018 10:00:01 EDT

Universal Robots Robot Controllers

This advisory includes mitigation recommendations for use of hard-coded credentials and missing authentication for critical function vulnerabilities r. . . read more Tue, 10 Jul 2018 10:10:05 EDT

Schweitzer Engineering Laboratories, Inc. Compass and AcSELerator Architect

This advisory includes mitigations for incorrect default permissions, XXE, and resource exhaustion vulnerabilities in Schweitzer Engineering's Co. . . read more Tue, 10 Jul 2018 10:00:01 EDT

Rockwell Automation Allen-Bradley Stratix 5950

This advisory includes mitigations for improper input validation, improper certificate validation, and resource management error vulnerabilities in th. . . read more Tue, 03 Jul 2018 11:01:56 EDT

Medtronic MyCareLink Patient Monitor

This advisory includes mitigation recommendations for hard-coded password and exposed dangerous method or function vulnerabilities reported in Medtron. . . read more Thu, 28 Jun 2018 10:00:01 EDT

Delta Electronics Delta Industrial Automation COMMGR

This advisory includes mitigations for a stack-based buffer overflow vulnerability in the Delta Electronics Delta Industrial Automation COMMGR softwar. . . read more Thu, 21 Jun 2018 10:00:42 EDT

Rockwell Automation Allen-Bradley CompactLogix and Compact GuardLogix (Update A)

This updated advisory is a follow-up to the original advisory titled ICSA-18-172-02 Rockwell Automation Allen-Bradley CompactLogix and Compact GuardLo. . . read more Thu, 21 Jun 2018 09:55:36 EDT

Natus Xltek NeuroWorks

This medical device advisory includes mitigations for stack-based buffer overflow and out-of-bounds read vulnerabilities in the Natus Xltek NeuroWorks. . . read more Thu, 14 Jun 2018 12:05:47 EDT

Siemens SCALANCE X Switches, RUGGEDCOM WiMAX, RFID 181-EIP, and SIMATIC RF182C

This advisory includes mitigation recommendations for a permissions, privileges, and access controls vulnerability reported in Siemens SCALANCE X swit. . . read more Thu, 14 Jun 2018 10:10:00 EDT

Schneider Electric U.motion Builder

This advisory includes mitigations for a command injection, cross-site scripting, and improper input validation vulnerabilities in the Schneider Elect. . . read more Tue, 12 Jun 2018 14:31:11 EDT

Siemens SCALANCE X Switches

This advisory includes mitigation recommendations for a cross-site scripting vulnerability reported in Siemens SCALANCE X switches.. . . read more Tue, 12 Jun 2018 11:28:10 EDT

Rockwell Automation RSLinx Classic and FactoryTalk Linx Gateway

This advisory contains mitigation recommendations for an unquoted search path or element vulnerability in the Rockwell Automation RSLinix Classic soft. . . read more Thu, 07 Jun 2018 11:55:09 EDT

Philips' IntelliVue Patient and Avalon Fetal Monitors

This medical device advisory includes mitigations for improper authentication, information exposure, and stack-based buffer overflow vulnerabilities i. . . read more Tue, 05 Jun 2018 10:05:11 EDT

ABB IP Gateway

This advisory contains mitigation recommendations for improper authentication, cross-site request forgery, and unprotected storage of credentials vuln. . . read more Tue, 05 Jun 2018 10:00:07 EDT

Delta Industrial Automation DOPSoft

This advisory contains mitigation recommendations for out-of-bounds read, heap-based buffer overflow, and stack-based buffer overflow vulnerabilities. . . read more Thu, 31 May 2018 10:10:11 EDT

GE MDS PulseNET and MDS PulseNET Enterprise

This advisory includes mitigations for improper authentication, improper restriction of XML external entity reference ('XXE'), and relative. . . read more Thu, 31 May 2018 10:05:11 EDT

Yokogawa STARDOM Controllers

This advisory includes mitigations for a hard-coded credentials vulnerability in the Yokogawa STARDOM Controller products.. . . read more Thu, 31 May 2018 10:00:11 EDT