Large Language Models for Detecting Cyberattacks on Smart Grid Protective Relays

This paper presents a large language model LLM-based framework for detecting cyberattacks on transformer current differential relays TCDRs, which, if undetected, may trigger false tripping of critical transformers. The proposed approach adapts and fine-tunes compact LLMs such as DistilBERT to...

Grid-STIX: A STIX 2.1-Compliant Cyber-Physical Security Ontology for Power Grid

Modern electrical power grids represent complex cyber-physical systems requiring specialized cybersecurity frameworks beyond traditional IT security models. Existing threat intelligence standards such as STIX 2.1 and MITRE ATT&CK lack coverage for grid-specific assets, operational technology...

Power Grid Cybersecurity: Policy Analysis White Paper

The U.S. power grid underpins national security, public safety, and economic stability, but faces growing cyber risks from vulnerabilities in industrial control systems, remote access, and poor cyber hygiene. Despite its critical importance, current policy remains fragmented and reactive. This...

Siemens SICAM Q100/Q200

SUMMARY SICAM Q100 and Q200 devices are affected by two information disclosure vulnerabilities that could allow an authenticated local attacker to extract the SMTP account password and use the configured SMTP service for arbitrary purposes. Siemens has released new versions for the affected...

Siemens SIPROTEC 4 and SIPROTEC 4 Compact

SUMMARY SIPROTEC 4 and SIPROTEC 4 Compact devices contain a vulnerability that could allow an unauthenticated remote attacker to cause a denial of service condition. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is...

Large Language Model-Based Framework for Explainable Cyberattack Detection in Automatic Generation Control Systems

The increasing digitization of smart grids has improved operational efficiency but also introduced new cybersecurity vulnerabilities, such as False Data Injection Attacks FDIAs targeting Automatic Generation Control AGC systems. While machine learning ML and deep learning DL models have shown...

Destabilizing Power Grid and Energy Market by Cyberattacks on Smart Inverters

Cyberattacks on smart inverters and distributed PV are becoming an imminent threat, because of the recent well-documented vulnerabilities and attack incidents. Particularly, the long lifespan of inverter devices, users' oblivion of cybersecurity compliance, and the lack of cyber regulatory...

CVE-2024-37567

Infoblox NIOS

Command Execution Vulnerability in Golden Power Grid's Trusted O&M Management System

Golden Grid AnTrust O&M Management System provides a professional "human-machine" interactive O&M platform and professional "human-machine" delivery solutions. There is a command execution vulnerability in the Golden Grid Secure O&M Management System, which can be exploited by attackers to execut...

Defending the power grid against supply chain attacks—Part 1: The risk defined

Most people don’t think about electricity. If the internet works, their food is refrigerated, and their debit card is approved, why should they? Its ubiquity and reliability render it invisible—a bit of magic that powers much of modern life. That is, until a large storm passes through. Localized...

The Aurora Power Grid Vulnerability and the BlackEnergy Trojan

At recent Industrial IoT security briefings, the Aurora vulnerability has come up repeatedly. Attendees ask, “Is our country’s power grid safe? How can we protect the grid? What is Aurora?” This post provides a look at Aurora, and the BlackEnergy attack that can exploit Aurora. In March 2007, the...

UBUNTU-CVE-2017-16816

The condorschedd component in HTCondor before 8.6.8 and 8.7.x before 8.7.5 allows remote authenticated users to cause a denial of service daemon crash by leveraging use of GSI and VOMS extensions...

DEBIAN-CVE-2017-16816

The condorschedd component in HTCondor before 8.6.8 and 8.7.x before 8.7.5 allows remote authenticated users to cause a denial of service daemon crash by leveraging use of GSI and VOMS extensions...

Institute for Electric Grid Cybersecurity Girds Utilities

Critical infrastructure policymakers are advocating the foundation of a new entity, the Institute for Electric Grid Cybersecurity, along with a new set of guidelines, to better protect the North American electric grid from cyber-attacks and determine how to respond if the grid is ever compromised...

Open Source Smart Meter Hacking Framework can Hack into the Power Grid

A researcher specializing in smart grids has released an open-source tool designed to assess the security of smart meters. Dubbed 'Termineter,' the framework would allow users, such as grid operators and administrators, to test smart meters for vulnerabilities. It claims will let security...

Moderate: Red Hat Security Advisory: MRG Grid security, bug fix, and enhancement update

Updated Grid component packages that fix multiple security issues, multiple bugs, and add various enhancements are now available for Red Hat Enterprise MRG 2 for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common...

FreeBSD : globus -- Multiple tmpfile races (5039ae61-2c9f-11db-8401-000ae42e9b93)

The Globus Alliance reports : The proxy generation tool grid-proxy-init creates the file, secures the file to provide access only to owner and writes proxy to the file. A race condition exists between the opening of the proxy credentials file, and making sure it is safe file to write to. The chec...

globus -- Multiple tmpfile races

The Globus Alliance reports: The proxy generation tool grid-proxy-init creates the file, secures the file to provide access only to owner and writes proxy to the file. A race condition exists between the opening of the proxy credentials file, and making sure it is safe file to write to. The check...