业内信息 工控安全 技术分享

灯塔实验室助力2018年工业信息安全技能大赛西部赛区

7月5日上午,2018年工业信息安全技能大赛开幕赛,西部赛区初赛启动仪式在四川大学望江校区体育馆正式拉开帷幕。

本次大赛由成都市人民政府指导、国家工业信息安全发展研究中心联合成都市经济和信息化委员会共同主办,是目前全国规格最高、规模最大、影响最广的工业信息安全技能赛事,也是2018国家网络安全宣传周的重要活动之一。灯塔实验室作为技术支持团队全程在比赛平台、赛事环境等方面提供了有力支撑和技术保障。

本届技能大赛分为初赛、复赛、决赛三个环节,与去年首届大赛不同的是,今年大赛首次推出赛区制,华北、东北、华东、华中、西部,五大赛区辐射全国。五大赛区选拔出50支队伍后,复赛中他们将同台竞技,展示各自在工业信息安全领域能力积累,争夺入围决赛的十强名额。作为今年度国家网络安全宣传周的前奏,大赛将进一步提高全社会的工业信息安全意识,加大工业信息安全专业人才选拔与培养力度,提高工业信息安全防护水平。

本次西部赛区初赛主要考察了参赛队伍包含工控固件逆向、工控恶意软件分析、工业网络数据分析、工控软件安全分析,以及对硬件(PLC)的信息安全检测评估能力。与此同时灯塔安全威胁感知解决方案也被应用了到比赛现场中,一是对选手比赛的网络行为进行监控,二是作为初赛附加题,通过利用主动防御技术构建了虚拟工业控制系统节点与网络,选手在该网络中展开针对工控系统环境的实战渗透测试,考验参赛选手工控系统安全评估、渗透测试的实战综合能力。

 

比赛最新动态

【关注】2018年工业信息安全技能大赛西部赛区十强诞生!
【关注】2018年工业信息安全技能大赛(东北赛区)开赛
【报名-华东】2018年工业信息安全技能大赛(华东赛区)方案首发
【报名-华中】2018年工业信息安全技能大赛(华中赛区)方案首发
【报名-华北】2018年工业信息安全技能大赛(华北赛区)方案首发

About Z-0ne

Leave a Reply

Your email address will not be published. Required fields are marked *

此站点使用Akismet来减少垃圾评论。了解我们如何处理您的评论数据

最新工业控制系统漏洞

ICS-CERT Advisory Feed
Delta Industrial Automation CNCSoft

This advisory includes mitigations for heap-based buffer overflow, out-of-bounds read, and stack-based buffer overflow vulnerabilities reported in Del. . . read more Tue, 16 Apr 2019 10:10:11 EDT

WAGO Series 750-88x and 750-87x

This advisory includes mitigations for a use of hard-coded credentials vulnerability reported in WAGO's 750-88x and 750-87x programmable logic co. . . read more Tue, 16 Apr 2019 10:05:55 EDT

PLC Cycle Time Influences

This advisory includes mitigations for an uncontrolled resource consumption vulnerability reported in ABB, Phoenix Contact, Schneider Electric, Siemen. . . read more Tue, 16 Apr 2019 10:00:24 EDT

Siemens SIMOCODE pro V EIP

This advisory includes mitigations for an uncontrolled resource consumption vulnerability reported in Siemens' SIMOCODE pro V EIP low-voltage mot. . . read more Tue, 09 Apr 2019 10:25:33 EDT

Siemens Spectrum Power 4.7

This advisory includes mitigations for a command injection vulnerability reported in Siemens' Spectrum Power 4.7 system.. . . read more Tue, 09 Apr 2019 10:20:24 EDT

Siemens Industrial Products with OPC UA

This advisory includes mitigations for an uncaught exception vulnerability in Siemens' Industrial Products using OPS UA communications protocol.. . . read more Tue, 09 Apr 2019 10:15:11 EDT

Siemens SINEMA Remote Connect

This advisory includes mitigations for incorrect calculation of buffer size, out-of-bounds read, stack-based buffer overflow, and improper handling of. . . read more Tue, 09 Apr 2019 10:10:11 EDT

Siemens RUGGEDCOM ROX II

This advisory includes mitigations for double free, out-of-bounds read, and uncontrolled resource consumption vulnerabilities reported in Siemens'. . . read more Tue, 09 Apr 2019 10:05:16 EDT

Siemens CP, SIAMTIC, SIMOCODE, SINAMICS, SITOP, and TIM

This advisory includes mitigations for an out-of-bounds read vulnerability reported in Siemens' CP, SIAMTIC, SIMOCODE, SINAMICS, SITOP, and TIM p. . . read more Tue, 09 Apr 2019 10:00:56 EDT

Omron CX-Programmer

This advisory includes mitigations for a use after free vulnerability reported in Omron's CX-Programmer PLC software.. . . read more Thu, 04 Apr 2019 10:15:11 EDT

Rockwell Automation Stratix 5400/5410/5700 and ArmorStratix 5700

This advisory includes mitigations for an uncontrolled resource consumption vulnerability reported in Rockwell Automation's Stratix and ArmorStra. . . read more Thu, 04 Apr 2019 10:10:11 EDT

Rockwell Automation Stratix 5400/5410/5700/8000/8300 and ArmorStratix 5700

This advisory includes mitigations for resource management errors and improper input validation vulnerabilities reported in Rockwell Automation's. . . read more Thu, 04 Apr 2019 10:05:19 EDT

Rockwell Automation Stratix 5950

This advisory includes mitigations for an improper input validation vulnerability reported in Rockwell Automation's Stratix 5950 security applian. . . read more Thu, 04 Apr 2019 10:00:23 EDT

Advantech WebAccess/SCADA

This advisory includes mitigations for command injection, stack-based buffer overflow, and improper access control vulnerabilities reported in Advante. . . read more Tue, 02 Apr 2019 10:00:11 EDT

Rockwell Automation PowerFlex 525 AC Drives

This advisory includes mitigations for a resource exhaustion vulnerability reported in Rockwell Automation's PowerFlex 525 AC drive.. . . read more Thu, 28 Mar 2019 10:00:11 EDT

Siemens SCALANCE X

This advisory includes mitigations for an expected behavior violation vulnerability reported in the Siemens SCALANCE X products.. . . read more Tue, 26 Mar 2019 10:15:18 EDT

PHOENIX CONTACT RAD-80211-XD

This advisory includes mitigations for a command injection vulnerability reported in Phoenix Contact's RAD-80211-XD WLAN wireless transceiver.. . . read more Tue, 26 Mar 2019 10:10:11 EDT

ENTTEC Lighting Controllers

This advisory includes mitigations for a missing authentication for critical function vulnerability reported in ENTTEC’s lighting controllers.. . . read more Tue, 26 Mar 2019 10:00:23 EDT

Medtronic Conexus Radio Frequency Telemetry Protocol

This medical advisory includes mitigations for improper access control and cleartext transmission of sensitive information vulnerabilities reported in. . . read more Thu, 21 Mar 2019 10:00:27 EDT

AVEVA InduSoft Web Studio and InTouch Edge HMI

This advisory includes mitigations for an uncontrolled search path element vulnerability in AVEVA's InduSoft Web Studio and InTouch Edge human ma. . . read more Tue, 19 Mar 2019 10:05:11 EDT