ICS-CERT

Russia Cozy Bear CrowdStrike

FBI, DHS warn Russian Dragonfly Group Still Targeting US Critical Infrastructure

The Department of Homeland Security and the FBI on Thursday warned that the so-called “Dragonfly” hackers linked to the government of Russia are engaged in a “multi-stage intrusion campaign” against U.S. critical infrastructure, including the energy, nuclear, aviation and manufacturing sectors. 

NXP ColdFire

Flaw in MQX Operating System Could Put Internet of Things in Crosshairs

Flaws in software run by a range of microprocessors could be widespread in embedded systems, security experts and the Department of Homeland Security are warning.

TP-Link WR-841n

Update: Flaw in widely used Wi-Fi Standard could allow snooping

Hundreds of millions of wireless devices may be affected by a flaw in WPA-2, a widely used standard for securing wireless Internet connections.  (Updated to add commentary by Bob Rudis of Rapid 7.)

Updated: Intel Fixes ‘Nightmarish’ Firmware Flaw But Nobody’s Safe

In-brief: Intel issued a patch for a serious vulnerability in firmware that has shipped with its chipsets for almost nine years, but it could take months for patches to reach affected customers from OEMs. (Editor’s note: updated with analysis from Matthew Garrett. PFR May 2, 2017.)

man at computer

DHS warns of BrickerBot Threat to Internet of Things

In-brief: the Department of Homeland Security is warning about destructive attacks by BrickerBot, a new piece of malicious software that attacks Linux devices and renders them useless, wiping out critical configuration information and data from the devices.