Sophisticated Malware Exploits Zero-Day Vulnerability, Targets Industrial Systems

July 28, 2010

We've previously posted (here and here) about the ongoing concern among experts surrounding the security of the critical infrastructure and the smart grid. These concerns have been made all the more important with the recent discovery of a sophisticated virus targeting computers that run certain industrial control systems -- potentially used to operate the critical infrastructure. As reported in Computerworld and BusinessWeek, the worm--known as "Stuxnet"--specifically targets Siemens industrial management systems.

Read More

iPhone Worm has 2 Million Targets

November 16, 2009

Current estimates show that 6% to 8% of iPhones are "jailbroken," meaning their operating systems have been modified to run otherwise unsupported code. And with over 21 million iPhones sold, an estimated 1-2 million iPhones are jailbroken, and now they're all potential targets of a new worm that could put sensitive data in the hands of hackers. The worm, known as "iPhone/Privacy.A," exploits a vulnerability in jailbroken iPhones whose owners have not changed their default root passwords.

Read More

Feds Putting the "Smart" Cart Before the Horse?

November 3, 2009

President Obama recently announced $3.4 billion in grants to certain municipal districts, utility companies, and manufacturers to further drive the nation's transition to a technologically advanced smart grid power structure. This grid would allow more efficient energy delivery and real-time usage monitoring.

Read More

Malware hijacks 100,000 home routers into Botnet

April 6, 2009

Unbeknown to most end users, a new sophisticated piece of malware corrals consumer routers and DSL modems into a lethal botnet. Using a variety of strategies for exploitation, this could be an attack vector for the theft of personally identifying information – a technique that’s not going away, according to researchers at DroneBL.

The "psyb0t" worm is believed to be the first piece of malware to target home networking gear, which bills itself as a real-time monitor of abusable internet addresses. It has already infiltrated an estimated 100,000 hosts. It has been used to carry out DDoS, or distributed denial of service, attacks and is also believed to use deep-packet inspection to harvest user names and passwords.

More here.

Read More

Latest Cell Phone Worm Tricks Users

February 23, 2009

As the second mobile worm found in the wild for 2009,

Read More