Tag: vulnerabilities

Malware Campaign Against Industrial Systems Almost 3 Years Old

The U.S. Government’s Industrial Control System CERT (ICS-CERT) said on Thursday that a campaign targeting industrial control system (ICS) software began in January, 2012 and targeted industrial systems that were directly connected to the public Internet. ICS-CERT said in an alert published on Wednesday that “HMI” (or Human-Machine Interfaces) products from vendors including GE, Advantech/Broadwin and Siemens may have been infected with variants of the BlackEnergy malware since January, 2012. Infected firms were running versions of the GE’s Cimplicity, Advantech/Broadwin’s WebAccess or Siemens’ WinCC with what ICS-CERT called a “direct Internet connection.” In some cases, as with the GE Cimplicity attacks, hackers exploited a known vulnerability in the Cimplicity software to gain access. In others (as with WebAccess and WinCC) the method by which the software was compromised isn’t known, ICS-CERT said. CERT said it hasn’t documented any cases of control processes being modified by the malware. However, BlackEnergy is typically used […]

Continue Reading

The Security of Things: Video Available

We held our first ever security and Internet of Things event back in May. The Security of Things Forum took place in Cambridge, MA (“Our Fair City”) on May 7 and brought together about 100 thought leaders and entrepreneurs for a day of discussion and debate about how best to prepare for the explosion of connected devices in the enterprise, the home, the public sector and public spaces. Since then we’ve made a couple of these sessions public: the keynote presentation by In-Q-Tel CISO Dan Geer, and a panel on enterprise risk and IoT, chaired by INEX Advisors’ founder Chris Rezendes. Attendees have had access to all the sessions, as well. But now we’re throwing the doors open to the public and making all the conference sessions available to the public, as well as some 1:1 interviews with our speakers. We invite you all to head on over and check […]

Continue Reading

Essentials for Visibility-Driven Security

Visibility is surprisingly tricky. The security industry offers many disparate tools to provide customers “visibility” into what is happening on their networks. Among them are tools that track what applications are on the network, tools for enumerating and tracking software vulnerabilities, tools for determining when sensitive data has left a network, tools that indicate when attacks are underway and tools that identify and analyze network data flows – to name just a few. Of course, layered on top of all this “visibility” are further systems that correlate and analyze what the mission-specific tools are seeing. Promises of a “single pane of glass” aside, the result is often a mishmash of data and events that require skilled security practitioners to analyze and interpret. The mishmash, in turn, leads to errors in analysis and prioritization. Albert Einstein famously said  “Any fool can know. The point is to understand.” So it is in the information security industry, where a common refrain is “you can’t protect […]

Continue Reading

Dusting For Malware’s Bloody Prints

Malicious software is nothing new. Computer viruses and worms have been around for decades, as have most other families of malware like remote access tools (RATs) and key loggers. But all our experience with malware hasn’t made the job of knowing when our organization has been hit by it any easier. In fact, recent news stories about breaches at Home Depot, Target, Staples and other organizations makes it clear that even sophisticated and wealthy corporations can easily overlook both the initial compromise and endemic malware infections – and at great cost. That may be why phrases like “dwell time” or “time to discovery” seem to pop up again and again in discussions of breach response. There’s no longer any shame in getting “popped.” The shame is in not knowing that it happened. Greg Hoglund says he has a fix for that latter problem. His new company, Outlier Security, isn’t “next generation […]

Continue Reading

You’re Doing NAT Wrong! One Million SOHO Routers Vulnerable

A vulnerability in more than 1 million small office and home office (or SOHO) routers makes them potentially vulnerable to remote attacks that could expose private internal network traffic to prying eyes, according to a warning posted by the firm Rapid7.

Continue Reading
1 98 99 100 101 102 148