Secure environment (IoT)

Wait, what? Wasn’t the Stuxnet LNK vulnerability CVE-2010-2568, reported by Sergey Ulasen, patched years ago?

Over the years we have tracked multiple campaigns by an advanced threat actor we call Animal Farm. The group has targeted a wide range of global organizations.

In this post, let’s examine several additional plugins more closely, targeting details around BE2 Siemens exploitation, and some of their unusual coding failures.

Microsoft’s security team begins 2015 with a minimal set of Security Bulletins, MS15-001 through MS15-008.

A cutting-edge IT security conference, was held from 18th -19th December. It was the second round, following its first occurrence in February 2014.

By closely observing more than 60 threat actors responsible for APT attacks worldwide, the team of experts has now compiled a list of the top emerging threats in the APT world. We think these will play an important role in 2015.

A long time has passed since we published our analysis of threats for home network devices. Since then, the situation has significantly changed – alas, not for the better.

Our homes today look more like small offices. We have tons of different devices connected to our network, everything from storage devices and network equipment to wireless network printers.

For the past seven years, a strong threat actor named Darkhotel, also known as Tapaoux, has carried out a number of successful attacks against a wide range of victims from around the world. It employs methods and techniques which go well beyond typical cybercriminal behavior.

More and more people keep talking about the feature of payments via NFC. The problem in this particular case is that somebody reversed the “Tarjeta BIP!” cards and found a means to re-charge them for free.

With the emergence of wearables, the convergence between the virtual and the physical world makes people feel more natural using technology all the time. Unfortunately, the emergence of new technologies also entails new security risks.

Now that the Internet of Things is all the rage, I wanted to take a look at a trend in IoT that I find particularly exciting and that’s wearable devices.

A typical modern home can have around five devices connected to the local network which aren’t computers, tablets or cellphones. As users in a connected digital environment we need to ask ourselves: ‘Are the devices connected to my network vulnerable? What could an attacker actually do if these devices were compromised? Is my home ‘hackable?’

The patch is up! Microsoft is pushing out an Out of Band (OOB) security update MS14-021 to address the recently disclosed Internet Explorer 0day exploit incidents involving a known, high end threat actor. Cheers to a quick response from such a large vendor on this issue! The story goes like this. The week of the

In mid-April we detected two new SWF exploits. After some detailed analysis it was clear they didn’t use any of the vulnerabilities that we already knew about. We sent the exploits off to Adobe and a few days later got confirmation that they did indeed use a 0-day vulnerability that was later labeled as CVE-2014-0515. The