The Department of Homeland Security and the FBI on Thursday warned that the so-called “Dragonfly” hackers linked to the government of Russia are engaged in a “multi-stage intrusion campaign” against U.S. critical infrastructure, including the energy, nuclear, aviation and manufacturing sectors.
Flaws in software run by a range of microprocessors could be widespread in embedded systems, security experts and the Department of Homeland Security are warning.
Hundreds of millions of wireless devices may be affected by a flaw in WPA-2, a widely used standard for securing wireless Internet connections. (Updated to add commentary by Bob Rudis of Rapid 7.)
In-brief: Intel issued a patch for a serious vulnerability in firmware that has shipped with its chipsets for almost nine years, but it could take months for patches to reach affected customers from OEMs. (Editor’s note: updated with analysis from Matthew Garrett. PFR May 2, 2017.)
In-brief: the Department of Homeland Security is warning about destructive attacks by BrickerBot, a new piece of malicious software that attacks Linux devices and renders them useless, wiping out critical configuration information and data from the devices.