Tag: patching

For all the hoopla, the biggest question one week after WannaCry is: 'where are all the victims'? (Image courtesy of Martin Spiske. Licensed via Creative Commons.)

The WannaCry Missing: Federal Systems, Consumers

In-brief: One week after the WannaCry ransomware knocked out hospitals in the UK and subway fare systems in Germany, the malware is as notable for who it didn’t affect for who it did. Among those spared WannaCry’s wrath: federal IT systems in the U.S. as well as consumers. But why?

Trend said attackers could remotely or locally tamper with control parameters on industrial robots, which lack security features found in modern IT systems.

Report warns of Robot Hacks, Tampering

In-brief: Common industrial robots are susceptible to hacks and other forms of electronic hacking that could cause physical harm to workers or result in flawed and dangerous products.

Updated: Intel Fixes ‘Nightmarish’ Firmware Flaw But Nobody’s Safe

Updated: Intel Fixes ‘Nightmarish’ Firmware Flaw But Nobody’s Safe

In-brief: Intel issued a patch for a serious vulnerability in firmware that has shipped with its chipsets for almost nine years, but it could take months for patches to reach affected customers from OEMs. (Editor’s note: updated with analysis from Matthew Garrett. PFR May 2, 2017.)

Program code on a monitor

Code Tutorials Spread Application Flaws Far and Wide

In-brief: Researchers at universities in Germany, working with the security firm Trend Micro, discovered more than 100 vulnerabilities in GitHub code repositories simply by looking for re-used code from tutorials and other free code samples. The same method could be harnessed by cyber criminals or other sophisticated attackers to find and exploit vulnerabilities in software applications, the researchers warned.

A report from the firm FireEye warns that industrial firms still have work to do securing their environments from cyber attacks.

Seven Years After Stuxnet, Industrial Firms Still Lag on Security

In-brief: Seven years after the Stuxnet worm proved that attacks on industrial environments was possible, many industrial and manufacturing firms still lack basic elements of an effective information security strategy, a new report finds.