Blog Posts Tagged with "Hardware"
Port 9100/TCP Probes
December 06, 2012 Added by:Brent Huston
Now this is a little interesting. It is likely meant to be a validation probe that the printer device’s embedded web server is online and that the device is operational. BUT, the “Python-urllib/2.7″ made us suspicious. Perhaps this isn’t a usual printer request?
Comments (0)
How to turn any phone into a spy device with hardware hack
December 02, 2012 Added by:Pierluigi Paganini
Researcher Atul Alex has presented at the last edition of yhe International Malware Conference (MalCon) how it is possible to attack every mobile device with special hardware designed by using common electronic components...
Comments (0)
Microsoft Disrupts Nitol Botnet: Malware Hidden in Supply Chain
September 16, 2012 Added by:Pierluigi Paganini
Cybercriminals are exploiting a new way to spread malware by preloading malicious code inside counterfeit software deployed in computers that are offered for sale. To give you an idea of the phenomenon, 20% of the PCs researchers bought from an unsecure supply chain were infected with malware...
Comments (0)
Huawei and Cyber Espionage: A Question of Trust But Verify
August 06, 2012 Added by:Infosec Island Admin
We, the US, have unfortunately set ourselves up in a “pay less” mindset that has ha the military buying cheap hardware for missile systems that in the end, failed to launch. Do you want to have the same happen to your router or other hardware that your company relies on? Never mind the whole espionage thing...
Comments (0)
Rakshasa: Is it Possible to Design the Perfect Hardware Backdoor?
August 01, 2012 Added by:Pierluigi Paganini
Rakshasa malware infects the host’s BIOS and takes advantage of a vulnerable aspect of traditional architecture, as peripherals like network cards or sound cards can write to the computer’s RAM or to portions of the memory allocated to any of the other peripherals. It is hard to detect, and quite impossible to remove...
Comments (5)
Selling Your Old Smartphone? Not Smart...
July 12, 2012 Added by:Robert Siciliano
I purchased a bunch of used devices off of Craigslist and eBay to see if I could find data on the devices. I found a startling amount of personal data including photos, phone numbers, addresses, emails, text messages and passwords. Even if you wipe and reformat a hard drive, you may still miss something...
Comments (0)
Navigating the Minefield of Mobile Technology Purchasing
July 10, 2012 Added by:Patrick Oliver Graf
In organizations, there is a constant struggle between satisfying the technological needs of workers while maintaining an adherence to compliance and security. Remote access represents the next major iteration of this battle. This complexity also means there’s far more overlap between the pain points...
Comments (0)
The Five Most Important Reasons to Perform Network Auditing
June 21, 2012 Added by:Dan Dieterle
Network auditing may sound like an arduous task but, with the right tools and the right approach, it can be an easy to perform and critical aspect of your network management. If you are not yet performing regular network auditing, use these five important reasons to convince management it’s time to start...
Comments (3)
Disposal Dummies Cause Privacy and Security Problems
June 21, 2012 Added by:Rebecca Herold
Information disposal is now a legal requirement for basically all businesses of all sizes, and it simply makes sense to dispose of information securely as an effective way to prevent breaches. Having effective disposal policies, procedures and technologies in place demonstrates reasonable due diligence...
Comments (1)
Chinese-Made US Military Chip: Backdoor or Debugging Function?
May 29, 2012 Added by:Pierluigi Paganini
News has been circulating on internet about a microchip used by the US military and manufactured in China that contains a secret "backdoor" that makes possible remote control of devices utilizing it. Security expert Robert Graham has declared that the bug is merely for debugging operations...
Comments (0)
Security: Back to the "Made in the USA" Tradition
May 23, 2012 Added by:Jayson Wylie
The US government’s Department of Defense had, and may still have, issues with counterfeit components being procured and used in military weapons, vehicles and equipment. It’s a national security issue when the supply chains are compromised by weaknesses and scams...
Comments (0)
ZTE Confirms Backdoor Vulnerability in Android Devices
May 22, 2012 Added by:Headlines
"ZTE's Score M ships with an application featuring a hardcoded password that gives the user... administrator-level access. Running the program with the password spawns a root shell prompt on the Linux-powered mobes, allowing the phone to be completely taken over..."
Comments (0)
Evolution vs. Revolution in the Enterprise Mainframe
April 25, 2012 Added by:Bill Gerneglia
Mainframe technology can become dated quickly, and as application complexity increases, more space and increased mainframe functionality is required. If a mainframe fails to support advancing technology, application performance is put at stake...
Comments (0)
Real Questions about Huawei for US Rep. Frank Wolf
April 03, 2012 Added by:Joel Harding
The Congressman was obviously attempting to either persuade the US China Economic and Security Commission or reassure them about Huawei. He passionately made a one-sided statement but failed to provide any evidence aside from one news report in that day’s Washington Post...
Comments (1)
What is Aurora and Why is it a Risk to Grid Reliability?
March 29, 2012 Added by:Joe Weiss
Aurora is a gap in the protection of the electric grid. It is a basic physics property - an out-of-phase condition that cannot be seen by the operator and can NOT be addressed by traditional mitigation. The only means to prevent an Aurora event is by physical hardware mitigation...
Comments (0)
Do You Need a Formal Policy for Managing Mobile Devices?
March 28, 2012 Added by:Kyle Lagunas
Security risks associated with BYOD policies continue to intimidate some - one respondent said he is “scared to death of security vulnerabilities” - but what would do more to minimize risks than to adopt an official policy?
Comments (0)
- A Call to Structure
- What CEOs Need to Know About the Future of Cybersecurity
- Who’s Responsible for Your Cyber-Security?
- CERT/CC Warns of Vulnerabilities in Marvell Avastar Wireless SoCs
- Mozilla Concerned of Facebook’s Lack of Transparency
- OWASP: What Are the Top 10 Threats and Why Does It Matter?
- Magento Patches Command Execution, Local File Read Flaws
- The Biggest Security Hurdles in Your Business, and How to Overcome Them
- Four Technologies that will Increase Cybersecurity Risk in 2019
- Strategies for Winning the Application Security Vulnerability Arms Race