An Israeli technology firm says it it looking into accusations made in a published report by Bloomberg that its software was sold to Iran, even as it denies claims in the report that its technology can be used for surveillance.
After first denying their existence, a Siemens spokesman acknowledged on Thursday that his company was aware of a series of security vulnerabilities in its software that could allow remote attackers to take control of industrial control systems.
VIEW SLIDESHOW Threatpost Top Security News Stories of 2011We’ve compiled our list of the Top Security Stories of 2011, presented here in no particular order. These are the issues that shook the world’s markets and kept us awake at night.
As the public debate over the merits and drawbacks of the SOPA bill continues, consumers and privacy advocates already are looking for ways to get around the provisions in the proposed anti-piracy law that they see as unreasonable and oppressive. In one example, a developer has published an extension for Firefox that helps users circumvent SOPA’s domain blacklisting.
A month after an unknown gray hat hacker calling himself “pr0f” used a three character password to hack his way onto computers used to manage water treatment equipment in South Houston, Texas, a security researcher is accusing the company that makes the industrial control system (ICS) software, Siemens, of trying to cover up the existence of other, more serious vulnerabilities.
A band of hackers from China was able to gain access to the U.S. Chamber of Commerce and retrieve information on the organization’s employees for over a year before they were discovered in May 2010, according to a report in the Wall Street Journal today.
Investigations by the BBC suggest a widening probe into alleged computer hacking by UK newspapers. In all, the computer hacking may have been as widespread as now-notorious voicemail hacking conducted by reporters at Rupert Murdoch’s News of the World, and may have compromised classified British intelligence from government officials, the reports say.
The federal government is planning to focus some of its research and development efforts on developing methods for building security into software and hardware systems used in federal agencies. This a major change for the government, which has historically focused its energies on defenses such as IDS, custom desktop images and firewalls.
A report on the Web site of the Christian Science Monitor claims that Iran exploited a long-known vulnerability in the GPS navigation system of the U.S.’s RQ-170 Sentinel drone to force it into landing safely within Iran.
The FBI is one of a handful of U.S. agencies tasked with investigating computer crimes and one of the many roadblocks that has stood in the way of more successful cases and prosecutions is a lack of resources, mostly in the form of trained agents. It looks like the bureau will be getting the money in 2012 to hire more agents for its cybercrime unit, but the 14 new agents included in next year’s budget still aren’t nearly enough to address the full scope of the problem in the U.S., let alone globally.
Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.
Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.
