业内信息 工控安全 技术分享

灯塔实验室助力2018年工业信息安全技能大赛西部赛区

7月5日上午,2018年工业信息安全技能大赛开幕赛,西部赛区初赛启动仪式在四川大学望江校区体育馆正式拉开帷幕。

本次大赛由成都市人民政府指导、国家工业信息安全发展研究中心联合成都市经济和信息化委员会共同主办,是目前全国规格最高、规模最大、影响最广的工业信息安全技能赛事,也是2018国家网络安全宣传周的重要活动之一。灯塔实验室作为技术支持团队全程在比赛平台、赛事环境等方面提供了有力支撑和技术保障。

本届技能大赛分为初赛、复赛、决赛三个环节,与去年首届大赛不同的是,今年大赛首次推出赛区制,华北、东北、华东、华中、西部,五大赛区辐射全国。五大赛区选拔出50支队伍后,复赛中他们将同台竞技,展示各自在工业信息安全领域能力积累,争夺入围决赛的十强名额。作为今年度国家网络安全宣传周的前奏,大赛将进一步提高全社会的工业信息安全意识,加大工业信息安全专业人才选拔与培养力度,提高工业信息安全防护水平。

本次西部赛区初赛主要考察了参赛队伍包含工控固件逆向、工控恶意软件分析、工业网络数据分析、工控软件安全分析,以及对硬件(PLC)的信息安全检测评估能力。与此同时灯塔安全威胁感知解决方案也被应用了到比赛现场中,一是对选手比赛的网络行为进行监控,二是作为初赛附加题,通过利用主动防御技术构建了虚拟工业控制系统节点与网络,选手在该网络中展开针对工控系统环境的实战渗透测试,考验参赛选手工控系统安全评估、渗透测试的实战综合能力。

 

比赛最新动态

【关注】2018年工业信息安全技能大赛西部赛区十强诞生!
【关注】2018年工业信息安全技能大赛(东北赛区)开赛
【报名-华东】2018年工业信息安全技能大赛(华东赛区)方案首发
【报名-华中】2018年工业信息安全技能大赛(华中赛区)方案首发
【报名-华北】2018年工业信息安全技能大赛(华北赛区)方案首发

About Z-0ne

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

最新工业控制系统漏洞

ICS-CERT Advisory Feed
Tec4Data SmartCooler

This advisory includes mitigations for a missing authentication for critical function vulnerability in Tec4Data's SmartCooler, a cooling applianc. . . read more Thu, 20 Sep 2018 12:00:41 EDT

Rockwell Automation RSLinx Classic

This advisory includes mitigations for stack-based buffer overflow, heap-based buffer overflow, and resource exhaustion vulnerabilities in Rockwell Au. . . read more Thu, 20 Sep 2018 11:55:00 EDT

WECON PLC Editor

This advisory includes mitigations for a stack-based buffer overflow vulnerability in WECON’s PLC Editor, a ladder logic software.. . . read more Tue, 18 Sep 2018 11:25:23 EDT

Honeywell Mobile Computers with Android Operating Systems

This advisory includes mitigations for an improper privilege management vulnerability in the Honeywell mobile computers running the Android Operating. . . read more Thu, 13 Sep 2018 11:34:56 EDT

Fuji Electric V-Server

This advisory includes mitigations for use-after free, untrusted pointer dereference, heap-based buffer overflow, out-of-bounds write, integer underfl. . . read more Tue, 11 Sep 2018 10:20:44 EDT

Fuji Electric V-Server Lite

This advisory includes mitigation recommendations for a classic buffer overflow vulnerability in Fuji Electric's V-Server Lite, a data collection. . . read more Tue, 11 Sep 2018 10:15:52 EDT

Siemens TD Keypad Designer

This advisory includes mitigation recommendations for an uncontrolled search path element vulnerability in Siemens' TD Keypad Designer.. . . read more Tue, 11 Sep 2018 10:10:18 EDT

Siemens SIMATIC WinCC OA

This advisory includes mitigation recommendations for an improper access control vulnerability in Siemens' SIMATIC WinCC OA.. . . read more Tue, 11 Sep 2018 10:05:12 EDT

Siemens SCALANCE X Switches

This advisory includes mitigation recommendations for an improper input validation vulnerability in Siemens' SCALANCE X switches used to connect. . . read more Tue, 11 Sep 2018 10:00:18 EDT

Ice Qube Thermal Management Center

This advisory includes mitigation recommendations for improper authentication and unprotected storage of credentials vulnerabilities in Ice Qube'. . . read more Thu, 06 Sep 2018 13:21:57 EDT

Opto22 PAC Control Basic and PAC Control Professional

This advisory includes mitigation recommendations for a stack-based buffer overflow vulnerability in Opto22's PAC Control software.. . . read more Tue, 04 Sep 2018 10:30:01 EDT

Philips e-Alert Unit

This advisory includes mitigation recommendations for numerous vulnerabilities in Phillips' e-Alert Unit, a non-medical device.. . . read more Thu, 30 Aug 2018 11:22:01 EDT

Qualcomm Life Capsule

This advisory includes mitigations for a code weakness vulnerability in the Qualcomm Life Capsule Datacaptor Terminal Server software.. . . read more Tue, 28 Aug 2018 10:20:24 EDT

Schneider Electric Modicon M221

This advisory includes mitigation recommendations for information management errors, and permissions, privileges, and access controls vulnerabilities. . . read more Tue, 28 Aug 2018 10:15:25 EDT

Schneider Electric Modicon M221

This advisory includes mitigation recommendations for an improper check for unusual or exceptional conditions vulnerability in Schneider Electric’s. . . read more Tue, 28 Aug 2018 10:10:14 EDT

Schneider Electric PowerLogic PM5560

This advisory includes mitigation recommendations for a cross-site scripting vulnerability in Schneider Electric's PowerLogic PM5560 power manage. . . read more Tue, 28 Aug 2018 10:05:11 EDT

ABB eSOMS

This advisory includes mitigation recommendations for an improper authentication vulnerability in ABB’s eSOMS.. . . read more Tue, 28 Aug 2018 10:00:11 EDT

BD Alaris Plus

This medical device advisory includes mitigation recommendations for an improper authentication vulnerability in specific versions of BD’s Alaris Pl. . . read more Thu, 23 Aug 2018 10:00:26 EDT

Philips IntelliVue Information Center iX (Update A)

This updated medical device advisory is a follow-up to the original medical device advisory titled ICSMA-18-233-01 Philips IntilliVue Information Cent. . . read more Tue, 21 Aug 2018 10:05:29 EDT

Yokogawa iDefine, STARDOM, ASTPLANNER, and TriFellows

This advisory includes mitigation recommendations for stack-based buffer overflow vulnerabilities in Yokogawa's iDefine, STARDOM, ASTPLANNER, and. . . read more Tue, 21 Aug 2018 10:00:11 EDT