In February, I wrote about some malware that lives inside the firmware of a disk drive. As a result of where it lives, no anti-malware software can detect it. (Curious note: The firmware of a disk drive can be written to in order to update it, but there is no command to read it back. […]
Continue reading → [DISPLAY_ACURAX_ICONS]Well, that headline should get your attention. The good news is the risk is relatively low. The bad news is that the patch process in the Android ecosystem is very broken. So what is a researcher to do – announce the vulnerability at Blackhat London. And, unfortunately, there is nothing for a user to do […]
Continue reading → [DISPLAY_ACURAX_ICONS]Katherine Archuleta, in testimony before Congress said that she realized when she assumed her post 18 months ago that the agency had huge cyber security issues. When pressed on why the data was not encrypted, her response was that it is hard to do on systems that are that old. However, Dr. Ozment, DHS assistant […]
Continue reading → [DISPLAY_ACURAX_ICONS]The WSJ Blog had a guest post from Deloitte talking about why the U.S. electric grid is still vulnerable to attack. The short answer is that the grid is being used and managed in a way that it was never designed to operate and the utilities and manufacturers have not adjusted to that fact (see […]
Continue reading → [DISPLAY_ACURAX_ICONS]Forbes (and the rest of the media) is reporting that LastPass has put out a press release saying that they suffered a breach. The good news is that LastPass claims that they never have your master password. They also say that they don’t have any evidence that password files were downloaded. That doesn’t mean that […]
Continue reading → [DISPLAY_ACURAX_ICONS]Kaspersky Labs, who first reported the existence of the Duqu2 malware that attacked both Kaspersky itself and three hotels that hosted the Iranian nuclear talks, is now reporting that part of the attack uses malware laced drivers signed with digital certificates from Foxconn, who is best known as Apple’s contract manufacturer in China (see Kaspersky’s […]
Continue reading → [DISPLAY_ACURAX_ICONS]