ICYMI: Industroyer; WannaCry; InfoSec Bears; Infosec GDPR; Virgin routers

News by SC Staff

In Case You Missed It: Industroyer hits controls; WannaCry 1 month on; Infosec Bear hunt; Infosec GDPR role; Virgin routers vulnerable

'Industroyer' malware spells trouble for industrial control systems

New malware has emerged which researchers call “the biggest threat to industrial control systems since Stuxnet.” Researchers at ESET detailed the discovery of Win32/Industroyer malware in a recent blog post.

They write: “the malware is capable of doing significant harm to electric power systems and could also be refitted to target other types of critical infrastructure.” Researchers point to an event in Kyiv where a power substation was compromised and electricity was cut to a part of the city for an hour in December 2016. While ESET cannot say for sure whether it was used in those attacks, the probability is high.

WannaCry: A month later

Tom Levasseur, CGI's vulnerability assessment and penetration specialist, gave the attendees at SC Media's RiskSec Toronto 2017 an in-depth look at WannaCry, putting to rest several of the initial rumours that popped up regarding how the ransomware was propagated and which operating systems were at risk.

Among the points he, along with most industry researchers, is certain of: the EternalBlue and DoublePulsar tools did originate from the National Security Agency, aka the Equation Group, and the ShadowBrokers are most likely a Russian intelligence organisation. However, nailing down who was behind the attack is still up in the air (also see N Korean attribution).

InfoSec 2017: What are Fancy Bears and why it matters, even for SMEs

"We track all Russian threat actors under 'bear'," said Adam Meyers, VP of intelligence at CrowdStrike and a widely recognised expert in the field, as he addressed a crowd at InfoSec 2017. In his talk, Hacking Exposed: Real-World Tradecraft Bears, Pandas and Kittens, Meyers lifted the lid on some of the attribution work for which CrowdStrike has become famous.

Fancy Bear and Cozy Bear were identified by CrowdStrike as the two Russian groups behind the ‘hacking' of the US election in 2016. The firm gained international acclaim for labelling them as such.

InfoSec 2017: Is GDPR the new corporate social responsibility project?

Almost every vendor at InfoSecurity Europe 2017 seems to have an angle on the General Data Protection Regulation (GDPR), and many of them are heavily promoting consultancy services and other products aimed at helping organisations achieve compliance.

However, with so many vendors pushing different angles, it is a challenge to know who to listen to. Many surveys and statistics claim that few are ready for, prepared for or preparing for GDPR, and maybe that's because at first glance, GDPR compliance looks like an insurmountable task – an impression that is only reinforced by the fact that even the ICO is yet to publish final guidance on certain aspects of it.

Virgin Media routers contain vulnerability which allows admin access

A security vulnerability has been discovered in home broadband routers used by Virgin Media customers, which allows hackers to gain access to the device's administrator panel. The researcher from Context Information Security who discovered the flaw says that both the Super Hub 2 and Super Hub 2AC (both of which are made by Netgear) are affected.

Context's Jan Mitchell and Andy Monaghan have released extensive research on the vulnerability; they said in a press release that, “[the] discovered vulnerabilities in a feature allowing users to create backups of their custom configurations - such as port forwarding and dynamic DNS settings – which could be restored at a later date.” 
