Browsing Tag: vulnerabilities

A long list of industrial-control modules manufactured by Schneider Electric and used to control operations at various industrial facilities contain multiple weaknesses and vulnerabilities that could allow an attacker to modify the firmware, login remotely and run arbitrary code on the vulnerable components. Security researcher Ruben Santamarta discovered and disclosed the problems and the ICS-CERT is warning users about the issue, as well.

Read more...

Categories: Microsoft, Vulnerabilities

Microsoft on Tuesday released 13 security bulletins, including three for critical flaws in Windows Media and in the Windows kernel-mode drivers. The company had planned on releasing 14 bulletins in December’s Patch Tuesday shipment, but officials said that one of the planned fixes was causing a compatibility problem with a third-party vendor’s products and is being held until that issue is remedied.

Read more...

Categories: Hacks, Vulnerabilities

Java has become virtually unavoidable in the last few years, and it’s installed on hundreds of millions of PCs around the world. A huge number of those installations are vulnerable versions of Java, and this fact has not escaped the attention of attackers, who have made the technology one of their favored targets. In fact, new data from Microsoft shows that Java exploits were the most prevalent in the first six months of 2011, and that attackers often use exploits for bugs that are several months or years old.

Read more...

Researchers have known for years that virus writers and attackers pay close attention to the analyses researchers do of their work, and it appears that the Duqu authors are no exception. Shortly after the first public reports about Duqu emerged in early autumn, the crew behind Duqu wiped out all of the command-and-control servers that had been in use up to that point, including some that had been used since 2009.

Read more...