At December's Amphion Forum in San Francisco, researcher Ang Cui demonstreated how he could exploit a common vulnerability in Cisco 7900 series VoIP phones.
Now, Cui's company, Red Balloon, has offered protection for VoIP phones, not just the Cisco brand. Known as Symbiotes, the defense software sits right beside the embedded system on a circuit.Read More
In a presentation at the Association for Computing Machinery’s Computer and Communications Security conference in Raleigh, North Carolina, two researchers Leyla Bilge and Tudor Dumitra looked at 18 malware attacks, finding example of them being exploited in the wild for up to 312 days on average and up to 2.5 years in some cases.
“In fact, 60% of the zero-day vulnerabilities we identify in our study were not known before, which suggests that there are many more zero-day attacks than previously thought—perhaps more than twice as many,” the researchers noted in their white paper.Read More
We've previously posted (here and here) about the ongoing concern among experts surrounding the security of the critical infrastructure and the smart grid. These concerns have been made all the more important with the recent discovery of a sophisticated virus targeting computers that run certain industrial control systems -- potentially used to operate the critical infrastructure. As reported in Computerworld and BusinessWeek, the worm--known as "Stuxnet"--specifically targets Siemens industrial management systems.Read More