Friday, April 29, 2016

Security experts push for SWIFT update

Problem 1: The bank should have had a much better (anything would have been better!) protected network

From The Register:

Security vendors are pushing for a more comprehensive revamp of the SWIFT international inter-bank financial transaction messaging system beyond a update prompted by an $81m hack against Bangladesh's central bank.

The loss of $81m (part of an attempted $950m heist) in February’s Bangladesh cyber-heist – reckoned to be the biggest ever bank theft – has subsequently been linked to the bank’s use of second-hand $10 switches on its network and a lack of firewalls.
Posted by at No comments:

American Dental Association given malware USB drives

From SC Magazine:
Malware embedded on a USB drive was delivered to members of the American Dental Association (ADA).

The mailing contained a PDF file of dental procedure codes, but some of the drives also held code capable of redirecting recipients to a website known to host malicious code. If a user opened the file, the site downloaded code that could enable miscreants to gain control of a user's Windows computer.
Posted by at No comments:

Wednesday, April 27, 2016

German nuclear plant infected with computer viruses


They're infected with Conficker? Wow they must *never* update their systems. That just shouldn't happen. And they're Ok with this because the systems aren't connected to the Internet. Wow oh wow.

The nuclear power plant of Gundremmingen is pictured on March 11, 2012. (Reuters Image)
Another very interesting comment that in the article unrelated to the power plant:

"As an example, Hypponen said he had recently spoken to a European aircraft maker that said it cleans the cockpits of its planes every week of malware designed for Android phones. The malware spread to the planes only because factory employees were charging their phones with the USB port in the cockpit."

"Because the plane runs a different operating system, nothing would befall it. But it would pass the virus on to other devices that plugged into the charger"

Umm. That must not be just a USB charger then. It must be attached to a FAT file system of some sort. (Android won't mount and ext* file system out of the box)

The article is from Reuters:

"A nuclear power plant in Germany has been found to be infected with computer viruses, but they appear not to have posed a threat to the facility's operations because it is isolated from the Internet, the station's operator said on Tuesday."

"The Gundremmingen plant, located about 120 km (75 miles) northwest of Munich, is run by the German utility RWE"
Posted by at No comments:
Subscribe to: Comments (Atom)