Security feed

Earlier
https://cdn.arstechnica.net/wp-content/uploads/2017/08/3.jpg
Android 8.0 Oreo is the 26th version of the world's most popular operating system. This year, Google's mobile-and-everything-else OS hit two billion monthly active users—and that's just counting phones and tablets. What can all those users expect from the new version? In an interview with Ars earlier this year, Android's [...]
Wed, Sep 06, 2017
Source: hitb
https://media.wired.com/photos/59af419ac6826f54d72b409a/master/w_1164,c_limit/PowerGridTA-177666221.jpg
In an era of hacker attacks on critical infrastructure, even a run-of-the-mill malware infection on an electric utility's network is enough to raise alarm bells. But the latest collection of power grid penetrations went far deeper: Security firm Symantec is warning that a series of recent hacker attacks not only [...]
Wed, Sep 06, 2017
Source: hitb
https://media.wired.com/photos/59a9eb13c6826f54d72b3f91/master/w_1164,c_limit/roundup-TA.jpg
This week in security, we took a long look at a long-running scam: A man who hacked his way into at least 78 hotel rooms over the course of several years, thanks to a known bug that let him slip in and out like a ghost. Or if you're into [...]
Mon, Sep 04, 2017
Source: hitb
NCCIC/ICS-CERT is aware of a public report of buffer overflow vulnerabilities affecting Eaton ELCSoft, a PLC programming software for Eaton Logic Control (ELC) controllers. According to the public report, which was coordinated with ICS-CERT prior to its public release, researcher Ariele Caltabiano (kimiya) working with Trend Micro's Zero Day Initiative, [...]
Fri, Aug 04, 2017
Source: ICS CERT
NCCIC/ICS-CERT is aware of a public report of a vulnerability in the Controller Area Network (CAN) Bus standard with proof-of-concept (PoC) exploit code affecting CAN Bus, a broadcast based network standard. According to the public report, which was coordinated with ICS-CERT prior to its public release, researchers Andrea Palanca, Eric [...]
Fri, Jul 28, 2017
Source: ICS CERT
CRASHOVERRIDE, aka, Industroyer, is the fourth family of malware publically identified as targeting industrial control systems (ICS). It uses a modular design, with payloads that target several industrial communication protocols and are capable of directly controlling switches and circuit breakers. Additional modules include a data-wiping component and a module capable [...]
Tue, Jul 25, 2017
Source: ICS CERT
This updated alert is a follow-up to the updated alert titled ICS-ALERT-17-181-01B Petya Malware Variant that was published July 5, 2017, on the NCCIC/ICS-CERT web site. ICS-CERT is aware of reports of a variant of the Petya malware that is affecting several countries. ICS-CERT is releasing this alert to enhance [...]
Fri, Jun 30, 2017
Source: ICS CERT
This updated alert is a follow-up to the updated alert titled ICS-ALERT-17-135-01H Indicators Associated With WannaCry Ransomware that was published May 31, 2017, on the NCCIC/ICS-CERT web site. [...]
Mon, May 15, 2017
Source: ICS CERT
This updated alert is a follow-up to the original alert titled ICS-ALERT-17-102-01A BrickerBot Permanent Denial-of-Service Attack that was published April 12, 2017, on the NCCIC/ICS-CERT web site. ICS-CERT is aware of open-source reports of “BrickerBot” attacks, which exploit hard-coded passwords in IoT devices in order to cause a permanent denial [...]
Wed, Apr 12, 2017
Source: ICS CERT
NCCIC/ICS-CERT is aware of a public report of a directory traversal vulnerability with proof-of-concept (PoC) exploit code affecting the embedded webserver (“PST10 WebServer”) in Miele Professional PG 8528, a large capacity washer and disinfector used in hospitals and laboratory settings to disinfect medical and laboratory equipment. According to this report, [...]
Thu, Mar 30, 2017
Source: ICS CERT


Print pagePDF pageEmail page