In-brief: Google’s security team on Thursday announced the release of a new tool, OSS-Fuzz that it says will improve the security of the Internet by providing realtime, automated secruity testing of common open source components.
In-brief: More than 100,000 homes in the UK had their Internet access interrupted by an attack on broadband routers. The incident is believed to be part of a larger attack that affected some 900,000 Deutsche Telekom customers last week.
Researchers from universities in Belgium and the UK have published research showing that a wide range of implantable medical devices, including implantable defibrillators are still vulnerable to wireless snooping and denial of service attacks. The research, which mimicked the work of a naive (or “weak”) adversary, found that few security protections have been added to such devices, years after researchers first demonstrated that they are vulnerable to wireless attacks and other manipulation. The discoveries apply to at least 10 types of implantable cardiac defibrillators (ICDs) that are currently on the market, though the devices and manufacturers are not named. The researchers, from Katholieke Universiteit te Leuven in Belgium (KU Leuven) and the University of Birmingham in the United Kingdom echoes the claims made by the firm MedSec earlier this year, which warned of security holes in ICD devices made by St. Jude in August. That research was the foundation of a call […]
San Francisco’s Municipal Transportation Agency (MTA) was hit with a ransomware attack over the weekend, disrupting a number of agency computer systems including email, the MTA said in a statement on Sunday. And security experts say that the ransomware used has a reputation for virulence. Computer terminals observed at MTA (or “Muni”) stations displayed a message that read, in part, “You Hacked. All Data Encrypted” over the weekend, paralyzing toll collection operations and forcing the MTA to open its turnstiles and let the public ride for free. According to a report by The San Francisco Examiner claims that the ransomware thieves have infected more than 2,000 of the agency’s 8,000 computers, affecting not only fare collection, but also systems that assign routes to bus drivers. The thieves are demanding $73,000 in ransom, paid in bitcoin. In a statement on Sunday, San Francisco MTA said that the attack “disrupted some of our […]
In-brief: The U.S. Department of Defense published guidelines on Monday for independent security researchers to disclose vulnerabilities in DoD’s public facing systems. The program, managed by the firm HackerOne, provides a legal route for hackers to disclose vulnerabilities to the military.