A proof-of-concept worm demonstrated at BlackHat Asia shows that a programmable logic controller (PLC) worm could be a disaster for power plants and other utilities. David Meltzer, Chief Research Officer for Tripwire, provides an insight below. David Meltzer, Chief Research Officer, Tripwire: “This research shows how serious the risk is to industrial environments. While theoretically this could spread extremely quickly, organizations that follow good security practices can do much to mitigate these kinds of attacks today.” Meltzer explains, “Industrial firewalls that implement IEC62443 guidelines segment networks into zones that would prevent PLCs from broadly communicating with each other. Following…
Author: Information Security Buzz Editorial Staff
The issue of government access to private encrypted data has been in the public eye since the San Bernardino shootings in December 2015. When an iPhone was found, the FBI requested that Apple write code to override the phone’s security features. The FBI was ultimately able to decrypt the phone without Apple’s assistance. However, the ensuing debate over encryption has just begun. High-profile criminal and national security issues serve to shed light on an issue which is pervasive throughout the country. Local governments presumably have thousands of devices they would like to decrypt for investigatory purposes as New York…
One of the biggest cyber attacks ever has left millions of email users at risk of being hacked. 272 million email accounts have been compromised, with Russian hackers obtaining user names and passwords. Gmail, Yahoo and Microsoft mail users are all thought to have been targeted, although the majority of the hack appears to have hit Mail.ru accounts. IT security experts from ESET, MIRACL, Veracode, AlienVault, Imperva, Lieberman Software and Centrify provide insight: Ondrej Kubovič, Security Specialist at ESET: “According to information provided by Hold Security, it seems to be yet another large data breach, the origin of which was not found…
Ransomware has overtaken news about APT attacks to become the main topic of the quarter. According to Kaspersky Lab’s Q1 malware report, the company’s experts detected 2,900 new malware modifications during the quarter, an increase of 14 per cent on the previous quarter. Kaspersky Lab’s database now includes about 15,000 ransomware modifications, and the number continues to grow. In the first quarter of 2016, Kaspersky Lab security solutions prevented 376,602 ransomware attacks on users, 17 per cent of which targeted the corporate sector. The number of attacked users increased by 30 per cent compared to Q4, 2015. One of the…
In light of Google being given access to NHS data, David Emm, principal security researcher at Kaspersky Lab, commented below. David Emm, principal security researcher at Kaspersky Lab: The news of Google being given access to NHS data is an interesting development, not least because this agreement brings the issue from the theoretical ‘Are you happy with the NHS sharing data in principle?’ to ‘Are you happy for a commercial company (in this case Google) to have your data?’ In fact, a recent study by Kaspersky Lab found that UK consumers feel helpless about increasingly complex online threats to their…
Forcepoint Security Labs Special Investigations team has discovered and documented a global botnet affecting thousands of victims – we call this investigation “JAKU”. What is JAKU? JAKU is the name of the investigation by the Forcepoint Security Labs Special Investigations team into a botnet campaign. Obscured by the noise of thousands of seemingly indiscriminate botnet victims, the JAKU campaign performs a separate, highly targeted operation. JAKU has approximately 19,000 victims at any one time spread over 134 countries! JAKU has a truly global footprint but we found concentrations of Command and Control servers and victims in APAC. Victims were observed…
Another day, another hospital shut down by ransomware. And while going back to pen and paper and avoiding anything connected to the web may start to sound like a valid option, it’s not a realistic one. You can’t just throw in the towel or wave the white flag. However, there are a few practical steps you can take to avoid being taken down by ransomware and shut it down if your company falls victim. Avoiding Ransomware: There are several techniques a company can use to avoid ransomware, and some of the methods being actively discussed include changing your computer’s language to…
Recently, the Check Point research team had the opportunity to analyze a mobile banker malware attack from end-to-end. Our team managed to lay hands on the infiltration vector, the malware itself, and the attacker’s Command and Control (C&C) servers. This attack gave us a rare chance to understand the full flow of an attack from infiltration to theft. The malware we observed is the notorious Marcher banker. This malware has greatly evolved since it first appeared in 2013, targeting Russian Google Play users by stealing their credit card information. It has developed a capability to steal bank credentials as well,…
A report from a University of Michigan & Microsoft research team demonstrates how Samsung’s SmartThings platform may be especially vulnerable to hackers. Security experts from Rapid7, prpl Foundation and Veracode provide an insight below. Deral Heiland, Research Lead, Rapid7: The University of Michigan research conducted on the Samsung Smart home IoT solutions points out several key issues that span well past Samsung and potentially impact a large quantity of smart technology. Three important areas were pointed out during this research: Excessive access rights of the primary Mobile application; Insecure 3rd party application with excessive access rights…
A young bounty hunter discovered a security vulnerability in Instagram, which allowed him to delete account information. Paul Farrington, Senior Solution Architect at Veracode, explores the value of bounty programmes. Paul Farrington, Senior Solution Architect at Veracode: “That once again a young adult was able to learn techniques picked up from YouTube and online articles to successfully hack a high profile brand continues to demonstrate the value of Bounty programmes and responsible disclosure to companies. “For while in this case, no users’ content was at risk as the bug was found as part of a bounty programme, organisations can’t all rely on…