Unbeknown to most end users, a new sophisticated piece of malware corrals consumer routers and DSL modems into a lethal botnet. Using a variety of strategies for exploitation, this could be an attack vector for the theft of personally identifying information – a technique that’s not going away, according to researchers at DroneBL.
The "psyb0t" worm is believed to be the first piece of malware to target home networking gear, which bills itself as a real-time monitor of abusable internet addresses. It has already infiltrated an estimated 100,000 hosts. It has been used to carry out DDoS, or distributed denial of service, attacks and is also believed to use deep-packet inspection to harvest user names and passwords.
Paris-based Areva is warning its industrial customers to upgrade a key part of its energy management software after it discovered security bugs which could allow power plants to be hijacked. The technology is a type of supervisory control and data acquisition (SCADA) software used in power plants... According to the security advisory from CERT, the software bugs allow attackers to gain access to the privileges of the e-terrahabitate account or administrator account and execute commands or cause the system to crash.Read More