본문 바로가기

Security_News/해외보안소식

요구가와 ICS 시설에 심각한 취약점 존재 수천개의 ICS 시설에 심각한 취약점 존재 요코가와 전력회사의 센텀 CS3000 R3 통제시스템에 있는 심각한 취약점으로 인해 스턱스넷과 같은 악성코드에 취약한 것으로 나타났다. 전 세계적으로 7,600개 이상의 전력 및 화학 시설이 윈도 기반의 시스템을 이용하고 있다. 이러한 취약점을 공격하면 정보가 누출되고, 휴먼인터페이스 스테이션(HIS)를 해킹할 수 있다. 일단 공격자가 HIS를 통제하면, 전력 터빈 및 장비와 같은 시스템이 관리하는 기기들을 통제가능하다. 요코가와는 이 취약점을 해결하기 위해 패치를 발표할 예정이다.http://www.v3.co.uk/v3-uk/news/2334217/critical-stuxnet-levelvulnerabilities-discovered-in-uk-power-pl.. 더보기
Healthcare.gov: Proceed at your own risk Healthcare.gov: Proceed at your own risk[Healthcare.gov will eventually be functional, but how secure?] According to the federal Department of Health and Human Services (HHS), Americans should have no fear of entering sensitive personal information on it, said spokeswoman Alicia Hartinger. The site is, "protected by stringent security standards (and) monitored by sensors and other tools to deter.. 더보기
You are Fined 1 Credit for a Violation of the Verbal Morality Statute Some citizens can control their language and others cannot. What is a civilized society to do? In a dystopian future you can count on electronic monitoring. But wait, the future is now… or it will be in a few weeks. [Tdicola] is building the verbal morality monitor from Demolition Man as his entry in Hackaday’s ongoing Sci-Fi Contest.Currently the project is in the early planning phase, but holy.. 더보기
Spam report: February 2014 Spam in the spotlightSpammers actively sent out Valentine’s Day offers in February, while ‘Nigerian’ scammers exploited the political situation in Ukraine and the tragic events there to trick users out of their money. Among the most notable mailings of the month was an offer to win free laser eye surgery.‘Nigerian tourists’ in UkrainePolitical unrest rarely goes unnoticed by the scammers, so it .. 더보기
EA Games website hacked; Phishing page hosted to steal Apple IDs Recently we aware you about the tricky phishing scam targeting Google Docs and Google Drive, a similar phishing scam has been detected by the researchers targeting Apple users to steal users’ credentials. According to the researchers at Netcraft, a UK based security services company, the hackers have compromised the web server owned by the gaming company, Electronic Arts (EA) to host a phishing .. 더보기
World’s First Google Glass Spyware app unveiled In the mob of Smart Devices, after Smartphones... Google glass would definitely be the next must-have device. It’s non-other than a small computer you wear like eyeglasses allows you to surf the Web, email, text, take photos, live videos and more, -- all hands free. Google Glasses are yet in very limited release, but researchers have developed the world’s first spyware that could hijack your Goo.. 더보기
Linux Worm targets Internet-enabled Home appliances to Mine Cryptocurrencies Could a perfectly innocent looking device like router, TV set-top box or security cameras can mine Bitcoins? YES! Hackers will not going to spare the Smart Internet-enabled devices. A Linux worm named Linux.Darlloz, earlier used to target Internet of Things (IoT) devices, i.e. Home Routers, Set-top boxes, Security Cameras, printers and Industrial control systems; now have been upgraded to mine C.. 더보기
Symantec discovered Android Malware Toolkit named Dendroid Android platform is becoming vulnerable day by day and hackers always try to manipulate android by applying novel techniques. In this regard, Symantec researchers have found a new android malware toolkit named “Dendroid”. Previously Symantec found an Android Remote admin tool named AndroRAT is believed to be the first malware APK binder. However, Dendroid runs on HTTP with many malicious feature.. 더보기
Reviewing the Secunia 2013 Vulnerability Review Reviewing the Secunia 2013 Vulnerability ReviewBy jerichoattrition on March 18, 2014On February 26, Secunia released their annual vulnerability report (link to report PDF) summarizing the computer security vulnerabilities they had cataloged over the 2013 calendar year. For those not familiar with their vulnerability database (VDB), we consider them a ‘specialty’ VDB rather than a ‘comprehensive’.. 더보기
Anatomy of a Control Panel Malware Attack, Part 1 Recently we’ve discussed how Control Panel (CPL) malware has been spreading in Latin America. In the past, we’ve analyzed in some detail how CPL malware works as well as the overall picture of how this threat spreads. In this post, we shall examine in detail how they spread, and how they relate with other malicious sites and components.Recently, while I was checking my spam mailbox, I found one .. 더보기

티스토리툴바