“Symbiotes” Defends VoIP Phones

By Robert Vamosi | 3/13/13 3:20 AM

At December's Amphion Forum in San Francisco, researcher Ang Cui demonstreated how he could exploit a common vulnerability in Cisco 7900 series VoIP phones.

Now, Cui's company, Red Balloon, has offered protection for VoIP phones, not just the Cisco brand. Known as Symbiotes, the defense software sits right beside the embedded system on a circuit.

Read More >

Zero Days Enjoy Longer Shelf Life Than Previously Thought

By Robert Vamosi | 10/18/12 2:03 AM

In a presentation at the Association for Computing Machinery’s Computer and Communications Security conference in Raleigh, North Carolina, two researchers Leyla Bilge and Tudor Dumitra looked at 18 malware attacks, finding example of them being exploited in the wild for up to 312 days on average and up to 2.5 years in some cases.

“In fact, 60% of the zero-day vulnerabilities we identify in our study were not known before, which suggests that there are many more zero-day attacks than previously thought—perhaps more than twice as many,” the researchers noted in their white paper.

Read More >

NFC Used To Attack Galaxy 3 Mobiles

By Robert Vamosi | 9/20/12 4:27 AM

As part of the EuSecWest mobile Pwn2Own hacker contest, researchers have demonstrated how to use NFC to pwn a Samsung Galaxy 3

Read More >

Sophisticated Malware Exploits Zero-Day Vulnerability, Targets Industrial Systems

By JDavis | 7/28/10 12:59 PM

We've previously posted (here and here) about the ongoing concern among experts surrounding the security of the critical infrastructure and the smart grid. These concerns have been made all the more important with the recent discovery of a sophisticated virus targeting computers that run certain industrial control systems -- potentially used to operate the critical infrastructure. As reported in Computerworld and BusinessWeek, the worm--known as "Stuxnet"--specifically targets Siemens industrial management systems.

Read More >