Tag: vulnerabilities

Industrial Control Vendors Identified In Dragonfly Attack

Two of the three vendors who were victims of a targeted malware attack dubbed ‘Dragonfly’ by the security firm Symantec have been identified by industrial control system security experts. Writing on Tuesday, Dale Peterson of the firm Digitalbond identified the vendors as MB Connect Line, a German maker of industrial routers and remote access appliances and eWon, a Belgian firm that makes virtual private network (VPN) software that is used to access industrial control devices like programmable logic controllers. Peterson has also identified the third vendor, identified by F-Secure as a Swiss company, but told The Security Ledger that he cannot share the name of that firm. The three firms, which serve customers in industry, including owners of critical infrastructure, were the subject of a warning from the Department of Homeland Security. DHS’s ICS CERT, the Industrial Control Systems Computer Emergency Response Team, said it was alerted to compromises of the vendors’ by researchers […]

Continue Reading

RSA: Boleto Fraud Ring in Brazil Linked To Billions in Bogus Transactions

RSA, the security division of EMC Corp. said on Wednesday that its researchers uncovered a massive online fraud ring that has infiltrated The Boleto, a popular payment method in Brazil. RSA said in a blog post on Wednesday that a coordinated investigation a “Boleto malware or ‘Bolware’ fraud ring that may have compromised 495,753 Boletos transactions over a two-year period. The value of the transactions is estimated at $3.75 billion USD, or $8.57 Brazilian Reals.  The Boleto is a popular and regulated electronic payment system that is the second most popular form of payment in the country, after credit cards. According to RSA, the malware in question allows attackers to carry out man-in-the-browser attacks that modify transaction details on an infected client system so that funds are directed into mule banking accounts controlled by the fraudsters. RSA researchers discovered 8,095 fraudulent Boleto ID numbers tied to 495,753 compromised transactions. The Bolware botnet is […]

Continue Reading

Cisco: MS Word Macro Attacks Still Work Just Fine

We like to throw around the term ‘Advanced Persistent Threat’ casually these days to refer to a whole range of sophisticated and persistent attacks – usually on high value targets. But a blog post today by Cisco Systems makes clear that many otherwise sophisticated attackers do just fine with some pretty low tech and old school methods. Case in point: an attack Cisco is dubbing “String of Paerls-” a series of attacks on companies involved in research and what Cisco calls the ‘industrial manufacturing vertical.’ According to the report, the attacks start with a decidedly old school attack: a Microsoft Word document that includes a malicious Office Macro.”When the victim opens the Word document, an On-Open macro fires, which results in downloadin and executable and launching it on the victim’s machine.” Now, macro-based attacks are truly vintage. They first came to light in the late 1990s, with the Melissa virus – an early and successful […]

Continue Reading

This Week In Security: Poking Holes In Two Factor Authentication

It was another busy week in the security world. There was big news on the legal front, as The U.S. Supreme Court took steps to protect the data stored on mobile devices from warrantless searches by police. (That’s good news.) But the week also plenty of concerning stories about the security of data stored on mobile phones, tablets and the like. One of the stories that gained a lot of attention was DUO Security’s report on a flaw in PayPal’s two factor authentication feature that could expose the accounts of  security-conscious PayPal users. As The Security Ledger reported, DUO researcher Zach Lanier discovered a flaw in mobile APIs published by PayPal that would allow anyone with a valid PayPal user name and password to sidestep two-factor authentication when accessing PayPal accounts that had that option enabled. After DUO went public with information on the flaw, PayPal disabled two factor authentication […]

Continue Reading

Goldman Sachs: Security Worries Could Hamper Internet of Things

A report from the financial service giant Goldman Sachs is bullish on the growth of Internet of Things, calling the explosive growth of connected devices a third phase in the development of the Internet – and perhaps the biggest yet. Those are heady words – especially considering the market hype and hysteria that surrounded the first “dotcom” phase. But there’s a catch, apparently: security. According to the web site Valuewalk, concerns about security and privacy are real obstacles to IoT technology adoption. “Security concerns escalate to a whole new level with the Internet of Things,” the Goldman Sachs report notes, citing high profile incidents of hackable home monitoring cameras. (See our coverage of vulnerabilities in the IZON cameras as one example.) Alas, the solution to the insecure devices problem is not simple. Problems range from poor application security during the design phase, to insecure default configurations that leave devices exposed to […]

Continue Reading
1 109 110 111 112 113 148