“Symbiotes” Defends VoIP Phones

March 13, 2013

At December's Amphion Forum in San Francisco, researcher Ang Cui demonstreated how he could exploit a common vulnerability in Cisco 7900 series VoIP phones.

Now, Cui's company, Red Balloon, has offered protection for VoIP phones, not just the Cisco brand. Known as Symbiotes, the defense software sits right beside the embedded system on a circuit.

Read More

Zero Days Enjoy Longer Shelf Life Than Previously Thought

October 18, 2012

In a presentation at the Association for Computing Machinery’s Computer and Communications Security conference in Raleigh, North Carolina, two researchers Leyla Bilge and Tudor Dumitra looked at 18 malware attacks, finding example of them being exploited in the wild for up to 312 days on average and up to 2.5 years in some cases.

“In fact, 60% of the zero-day vulnerabilities we identify in our study were not known before, which suggests that there are many more zero-day attacks than previously thought—perhaps more than twice as many,” the researchers noted in their white paper.

Read More

NFC Used To Attack Galaxy 3 Mobiles

September 20, 2012

As part of the EuSecWest mobile Pwn2Own hacker contest, researchers have demonstrated how to use NFC to pwn a Samsung Galaxy 3

Read More

Sophisticated Malware Exploits Zero-Day Vulnerability, Targets Industrial Systems

July 28, 2010

We've previously posted (here and here) about the ongoing concern among experts surrounding the security of the critical infrastructure and the smart grid. These concerns have been made all the more important with the recent discovery of a sophisticated virus targeting computers that run certain industrial control systems -- potentially used to operate the critical infrastructure. As reported in Computerworld and BusinessWeek, the worm--known as "Stuxnet"--specifically targets Siemens industrial management systems.

Read More