Industrial Control System (ICS)/SCADA systems have been the talk of the security community for the last three or more years due to Stuxnet, Duqu, and other similar noteworthy attacks. While the importance and lack of security around ICS systems are well documented and widely known, I’ve been researching Internet-facing ICS/SCADA systems, who’s really attacking them, and why. Recently, I spoke at BlackHat Europe about the same research and wrote a research paper to share my findings.
Without knowing if Internet-facing SCADA ...
After Microsoft released 12 security bulletins resolving a whopping 57 security flaws last month, this month's Patch Tuesday is relatively light.
For March, Microsoft unveils seven bulletins, of which four are rated Critical and three Important. Three of the Critical bulletins may allow remote code execution, resulting in attackers installing malware onto unpatched systems. The other Critical bulletin may allow attackers to gain administrative rights, effectively giving them control over vulnerable machines.
The first of these Critical bulletins addresses ...
Robust and stealthier toolkits are predicted to emerge this year. This was first seen when the WhiteHole Exploit Kit appeared in the threat landscape. It took advantage of several vulnerabilities including the infamous CVE-2013-0422.
Additionally, there have been reports of another new exploit kit called “Neutrino” being sold in the underground. The exploit, which we detect as JAVA_EXPLOYT.NEU, takes advantage of the following vulnerabilities:
CVE-2013-0431
CVE-2012-1723
Systems running Java 7 Update 11 and below are vulnerable. When exploited successfully, it downloads a ransomware variant, ...
In our 2013 Security Predictions, we predicted that conventional malware would focus mainly on refining existing tools instead of creating new threats. A perfect example of this prediction is how the Blackhole Exploit Kit continuously attempts to circumvent the efforts of the security industry. True enough, we recently received reports of a Blackhole Exploit Kit (BHEK) run that incorporated an exploit (detected by Trend Micro as JAVA_ARCAL.A) targeting the recently patched CVE-2013-0431.
If users can still recall, this vulnerability is part of ...
PostgreSQL is a fully featured object-relational database management system. It supports a large part of the SQL standard and is designed to be extensible by users in many aspects. Graphical user interfaces and bindings for many programming languages are available as well.
Earlier this month, I discovered a denial-of-service vulnerability in versions of PostgreSQL that caused a crash if a function was called with invalid arguments in a SQL query. In theory, one could examine the contents of the server's memory after the ...