In-brief: cyber attacks that affect physical systems are still a small minority of all incidents. But they’re becoming more common. What are some of the attacks we’ve seen to date and what do they tell us about what’s to come? Check out this slide show for an answer to those questions.
In-brief: Markets for information on software vulnerabilities are good for security. But they can also raise moral and ethical quandaries, especially in an age of cyber physical risks, argues Cisco’s Marc Blackmer.
In-brief: Security firm FireEye is claiming to have discovered proof-of-concept malicious software that targets industrial control systems software that is used to operate critical infrastructure worldwide.
In-brief: Kaspersky Lab issued a report Monday alleging its researchers discovered evidence of a long-running cyber espionage campaign with links to the U.S. government and National Security Agency.
Symantec on Sunday published research describing a new family of malware that it claims has been circulating, quietly, for close to six years. (Gulp!) According to a post on Symantec’s Security Response blog, Regin infections have been observed as far back as 2008, but the malware went quiet after about 2011, only to resurface in 2013 in attacks on a wide range of targets including private and public entities and research institutes. Symantec also observed the malware used in attacks on telecommunications firms and say it appears the malware was being used “to gain access to calls being routed through their infrastructure.” In a separate research paper, Symantec describes the malware, dubbed “Backdoor.Regin” as a multi-staged threat that uses encrypted components – installed in a series of stages – to escape detection. The key the malware’s stealth is compartmentalization, Symantec found: “each individual stage provides little information on the complete package. Only by acquiring all five stages is it possible […]