What if the attack on the Kiev power station last Christmas which killed power to a goodly chunk for the city was just a dry run? For what? Security researchers at ESET and Dragos analyzed the malware used in the attack and say it represents a dangerous advancement in attacks on critical infrastructure. Like Stuxnet […]
Continue reading → [DISPLAY_ACURAX_ICONS]Microsoft has detailed an attack by an Asian hacking group that can evade the Windows (or likely any other OS) Firewall. That is because the attack operates at a level below the operating system. Microsoft has dubbed the group PLATINUM. The attack leverages a known flaw in the Intel Management Platform called Active Management […]
Continue reading → [DISPLAY_ACURAX_ICONS]When Dick Cheney was Veep, stories kept popping up that the Secret Service had made sure that his pacemaker was not remotely controllable. Some people weren’t sure that it was a problem – not because they didn’t like Cheney, but because they didn’t think they were hackable. Well now we have a different story. Researchers […]
Continue reading → [DISPLAY_ACURAX_ICONS]An unnamed but well speculated bank in Brazil (likely Banrisul) had its DNS servers taken over by hackers for a period of about 6 hours one Saturday afternoon last October. Before I explain the impact, let me spend a minute on what DNS is and why it is important. The Internet works on numbers; humans […]
Continue reading → [DISPLAY_ACURAX_ICONS]While this is not unusual it is still worth reiterating. A web server at the Paul F. Glenn Center for the Biology of Aging at Stanford hosted malware for months, undetected. The malware started by installing a web shell onto the web server. This shell was able to do a number of things including upload […]
Continue reading → [DISPLAY_ACURAX_ICONS]For years we have been worrying about whether the apps (or applications) that we use are secure. Now we have to worry about whether the back end servers that our apps talk to are secure. You may remember that recently hackers discovered thousands of Mongo database servers that had no Admin password and created a […]
Continue reading → [DISPLAY_ACURAX_ICONS]