Symantec, the security software firm, is reporting that its researchers have discovered a new, malicious “worm” that is spreading on the Internet and has been adapted to attack embedded devices running the Linux operating system, including many devices that are part of the Internet of Things. Writing on the Symantec research blog, Kaoru Hayashi, a threat analyst within Symantec’s Security Response organization, said that the company had uncovered the worm, dubbed Linux.Darlloz, spreading between more common PC systems. However, an analysis of the program revealed that its creators were thinking big: engineering the worm to be capable of attacking a “range of small, Internet-enabled devices in addition to traditional computers.” Specifically, Symantec’s team found variants of Darlloz for chip architectures common in devices ranging from home routers and set-top boxes to security cameras. The warnings about an “Internet of Things worm” were hypothetical, however. Hayashi said that no attacks against non-PC […]
Vulnerabilities
Verizon: New Cloud Encryption Service Will Secure IoT Devices
Identity is one of the biggest challenges facing companies that are deploying products for the “Internet of Things,” as well as traditional enterprises that find IoT technologies of all types knocking at the door. The question, in short, is “how do I know that this device is legitimate, and ties back to an identity that I trust with access to my network resources and data? Of course, identity management has always been an aching problem in the enterprise space. The problem with the IoT is scale – given the sheer size of the IoT (30 billion connected devices by 2020), you can add a few “zeros” onto the number of devices that could, potentially, be seeking access to your network at any time. [Related read: Identity Management’s Next Frontier: The Interstate] It makes sense that, in a distributed environment like that, the cloud may be the best place to address […]
At FTC Forum, Experts Wonder: Is Privacy Passé?
The U.S. Federal Trade Commission (FTC) used a one-day workshop to highlight security and privacy issues prompted by so-called “Internet of Things.” But attendees at the event may have walked away with a more ambiguous message, as prominent technologists and industry representatives questioned whether conventional notions of privacy had much relevance in a world populated by billions of Internet-connected devices. “I don’t feel like privacy is dead,” keynote speaker Vint Cerf, a Vice President and Chief Internet Evangelist at Google, told an audience at the FTC workshop. “I do feel like privacy will be increasingly difficult for us to achieve,” Cerf warned. And Cerf wasn’t alone in wondering whether that might not be such a bad thing – or even that unusual. “Is privacy an anomaly?” Cerf wondered aloud, recalling his experience living in a small, German town where the “postmaster knew what everyone was doing.” Our modern concept of being ‘alone […]
Malware Supply Chain Links Eleven Attacks
Fresh off their discovery of a previously unknown (‘zero day’) security hole in Microsoft’s Internet Explorer web browser, researchers at the security firm Fireeye say that they have evidence that a string of sophisticated attacks have a common origin. In a report released on Monday (PDF), the firm said that many seemingly unrelated cyber attacks identified in the last year appear to be part of a “broader offensive fueled by a shared development and logistics infrastructure” — what Fireeye terms a ‘supply chain’ for advanced persistent threat (APT) attacks. At least 11 APT campaigns targeting “a wide swath of industries” in recent months were found to be built on a the same infrastructure of malicious applications and services, including shared malware tools and malicious binaries with the same timestamps and digital certificates. “Taken together, these commonalities point to centralized APT planning and development,” Fireeye wrote. The attacks link at least 11 separate […]
Ephemeral, In-Memory Attack Used With New IE 0Day
It was just last week that we wrote about research from the security firm Triumfant that found evidence for the growing use of ephemeral “diskless” malware. That point was driven home over the weekend, with a report from the firm Fireeye that found a new Internet Explorer zero day vulnerability was being used in conjunction with a disk-less variant of the Hydraq (aka “McRAT”) Trojan horse program. Fireeye first called attention to the existence of attacks exploiting new, “zero day” (or previously unknown) vulnerabilities in the Internet Explorer web browser on Friday. The company discovered the malicious activity on the web site of a “strategically important website” that was being used as a “watering hole” to attack visitors who were “interested in national and international security policy.” The company described two IE vulnerabilities: an information leakage hole and an IE out-of-bounds memory access vulnerability. The information leak affects Windows XP […]
