Browsing Tag: Hacking

Massive Compromise of WordPress Sites Leads To Phoenix Exploit Kit

Researchers at the security firm M86 report that hackers have compromised hundreds of Web sites that use the WordPress content management system. The sites, mostly small Web pages and blogs, are being used to fool spam filters and redirect unwitting visitors to drive by download Websites that will install malicious software on vulnerable systems.

Read more...

UPDATE: Why Stuxnet-Like Attacks Aren’t Going Away

Ralph Langner is the closest thing to a rock star that you get in the Dockers and pocket-protector world of industrial control systems. The German researcher made headlines in 2010 as among the first security experts to analyze parts of the Stuxnet worm’s code devoted to manipulating programmable logic controllers by Siemens, and the first to explicitly link the Stuxnet malware with an effort to disable Iran’s uranium enrichment operation.

Read more...

UPDATE: Looking For a ‘FireSheep’ Moment, Researchers Lay Bare Woeful SCADA Security

Miami, Florida – A no-holds barred presentation at the S4 Conference laid bare the woeful state of security for many industrial control systems that power the world’s critical infrastructure. Organizers have also cooperated with security scanning firms Rapid7 and Tenable to release modules for the Metasploit and Nessus products that can test for the discovered security holes.

Read more...

UPDATE – Stuxnet Expert: Analysis Shows Design Flaw, Not Vulnerability Sunk Siemens

MIAMI–The world’s foremost expert on the Stuxnet worm said an analysis of source code for a critical component of the malware prove that Iran’s nuclear program was the target, and that attackers were able to exploit weak design in Siemens software, rather than having to exploit a software vulnerability to carry out their attack.

Read more...

UPDATE: Slammed And Blasted A Decade Ago, Microsoft Got Serious About Security

Categories: Microsoft, Vulnerabilities

UPDATE: A decade ago this week, Chairman Bill Gates kicked off the Trustworthy Computing Initiative at Microsoft with a company-wide memo. The echoes of that memo still resonate throughout the software industry today as other firms, from Apple to Adobe, and Oracle to Google have followed the path that Microsoft blazed over the past ten years.

Read more...

At FBI’s Cyber Crime Conference: Chest Thumping And Head Scratching In Equal Measure

Long content to talk about the “what” behind cyber crime, the nation’s top computer security cops descended on New York City this week for the FBI’s International Conference on Cyber Crime ready to talk about “who.” But while discussions of tools and techniques for identifying criminal actors online dominate the schedule, cyber security experts say law enforcement still has a long way to go.

Read more...