In-brief: news from incumbent endpoint protection firms Symantec and Kaspersky Lab that they are ramping up efforts to sell their wares into industrial control systems environments suggests that the death of anti virus may have been greatly exaggerated.
Software
Updated: Vulnerability on 3m Systems Could Spread Ransomware To Schools
In-brief: Researchers at Cisco Systems said that they had identified more than 3 million “at risk” application servers running a vulnerable component that has been linked to ransomware infections. More than 1,600 of those systems have already been compromised, including many school libraries. Updated to add comment from Follett Corp. PFR 4/18/2016
Another Supply Chain Mystery: IP Cameras Ship With Malicious Software
In-brief: The discovery of a malicious link buried in software for a common IP camera sold on Amazon and other online retail outlets is just the latest example of supply chain based threats to connected products.
UL Charges for Cyber Standards, Draws Scrutiny
In-brief: Product testing firm Underwriters Laboratories drew scrutiny by charging for copies of new standards for connected devices. But security experts say the new UL standards are poised to have a big impact – especially in industries like medicine and critical infrastructure.
Serial To Ethernet Converters are the Huge Critical Infrastructure Risk Nobody Talks About
In-brief: There are more warnings that a common piece of hardware known as Serial-to-Ethernet converters are very vulnerable to remote attacks – and more evidence that the vendors who manufacture them aren’t in a rush to fix the holes.
