Post Tagged with: "vulnerabilities"

Ransomware Crime Wave Gets its Guardian Angels

July 28, 2016 11:250 comments
A group of law enforcement agencies and technology firms have joined forces to help ransomware victims get their files back.

In-brief: a group of law enforcement and security technology firms that have joined forces to help victims of ransomware fight back.

Read more ›

The Good, Bad and Ugly of Vulnerability Markets

July 27, 2016 09:420 comments
Markets for software vulnerabilities promise to increase security, but also raise difficult moral and ethical questions, says Cisco's Marc Blackmer.

In-brief: Markets for information on software vulnerabilities are good for security. But they can also raise moral and ethical quandaries, especially in an age of cyber physical risks, argues Cisco’s Marc Blackmer.

Read more ›

Code Blue: Thousands of Bugs Found on Medical Monitoring System

July 26, 2016 09:291 comment
The Department of Homeland Security warned of hundreds of vulnerabilities in a hospital monitoring system sold by Philips. Security researchers who studied the system said the  security holes may number in the thousands.

In-brief: The Department of Homeland Security warned of hundreds of vulnerabilities in a hospital monitoring system sold by Philips. Security researchers who studied the system said the security holes may number in the thousands.

Read more ›

Auto Industry Publishes Best Practices for Cybersecurity

July 22, 2016 18:080 comments
New Best Practices Guidelines from the Auto Industry ISAC are intended to promote cyber security. (Image courtesy of The Library of Congress.)

In-brief: An Automotive industry information sharing group has published Best Practices” document, giving individual automakers guidance on improving the cybersecurity of their vehicles.

Read more ›

Trainwreck: Study Calls for Rethink of Rail Security

July 19, 2016 16:430 comments
A study finds that security planning for rail networks doesn't anticipate remote cyber attacks as a risk. (Image courtesy of Library of Congress)

The folks over at SCADA Strangelove turned me on to this article from the International Railway Journal that presents the findings of an analysis of the security of industrial control and SCADA systems used to manage railway networks. The conclusion: railways are rife with “faults and vulnerabilities (that will) allow cyber criminals to not only degrade key reliability parameters and bypass safety mechanisms (and) carry out attacks which directly affect rail traffic safety.” The study was conducted by Valentin Gapanovic, the senior vice president of Russian Railways, Efim Rozenberg, the first deputy director general at the Moscow based research firm NIIAS JSC and Kaspersky Lab Deputy Chief Technology Officer Sergey Gordeychik. At issue is not just the systems that are used to manage railway networks, including the movements of trains and critical switching systems that configure tracks. Rather: it is the culture of safety and security in the rail sector which, the study concludes, is still silo’d between physical […]

Read more ›