Tag: critical infrastructure

Program code on dark background (selective focus)

Google Unveils OSS-Fuzz to test Open Source Software Security

In-brief: Google’s security team on Thursday announced the release of a new tool, OSS-Fuzz that it says will improve the security of the Internet by providing realtime, automated secruity testing of common open source components.

Attacks on home broadband routers by machines infected with Mirai, a botnet program, have knocked customers offline in the UK, as well as Germany, according to reports. Internet users in other countries may be affected, as well. (Image courtesy of Zyxel.)

Mirai Botnet attacks on Home Routers felt in UK, also

In-brief: More than 100,000 homes in the UK had their Internet access interrupted by an attack on broadband routers. The incident is believed to be part of a larger attack that affected some 900,000 Deutsche Telekom customers last week. 

Mira botnet infections globally. (Image courtesy of Imperva.)

Report: Millions (and Millions) of Devices Vulnerable in latest Mirai Attacks

In-brief: Attacks that took 900,000 broadband routers offline in Germany have hit other countries as well, as security experts warn that the number of devices vulnerable to attack could number in the millions. 

Fare collection systems, email and other critical systems used by San Francisco's transit agency were crippled by an outbreak of ransomware over the weekend, the agency confirmed. (Image courtesy of SFMTA.)

Ransomware Used Against Muni Known As Harsh, Virulent

San Francisco’s Municipal Transportation Agency (MTA) was hit with a ransomware attack over the weekend, disrupting a number of agency computer systems including email, the MTA said in a statement on Sunday. And security experts say that the ransomware used has a reputation for virulence. Computer terminals observed at MTA (or “Muni”) stations displayed a message that read, in part, “You Hacked. All Data Encrypted” over the weekend, paralyzing toll collection operations and forcing the MTA to open its turnstiles and let the public ride for free. According to a report by The San Francisco Examiner claims that the ransomware thieves have infected more than 2,000 of the agency’s 8,000 computers, affecting not only fare collection, but also systems that assign routes to bus drivers. The thieves are demanding $73,000 in ransom, paid in bitcoin. In a statement on Sunday, San Francisco MTA said that the attack “disrupted some of our […]

The Department of Defense unveiled a public bug bounty program on Monday, standardizing rules for security researchers to report information on vulnerabilities in public facing systems operated by the Department of Defense.

Department of Defense Sets Ground Rules for Hackers

In-brief: The U.S. Department of Defense published guidelines on Monday for independent security researchers to disclose vulnerabilities in DoD’s public facing systems. The program, managed by the firm HackerOne, provides a legal route for hackers to disclose vulnerabilities to the military.