NEWS
Linksys Says Yes to Open Source Firmware
The networking hardware vendor Linksys says it will allow users to install open source firmware on some of its devices. Beginning in June 2, 2016, the FCC (U.S. Federal Communication Commission) will require that device manufacturers limit the user's access to wireless router configuration settings. The primary reason behind this requirement is to ensure that users do not operate these routers beyond their licensed radio frequencies, which interferes with other services, such as FAA Doppler weather radar systems. In response to the FCC's requirements, most vendors decided the easiest path was just to ban open source firmware on their devices.
However, Linksys chose to comply with the FCC while still giving users the ability to install custom firmware. Linksys is working with chip maker Marvell and OpenWrt developers to find a midway point between the FCC requirements and the user's rights. The company plans to separate the RF wireless data from the firmware, so even if a user installs OpenWrt, it will not allow the use of non-licensed radio frequencies. Linksys will allow custom firmware only on WRT routers; the rest of its routers will block custom firmware.
TeamViewer Hit with DoS Attack
The website for the TeamViewer remote control/remote access service came under a denial of service (DoS) attack on June 1 that caused a massive service outage. The attack came just two weeks after many users complained that their accounts were compromised, alleging that TeamViewer had been hacked.
TeamViewer has denied any such hack and has blamed users for carelessness, stating, "TeamViewer is appalled by any criminal activity; however, the source of the problem, according to our research, is careless use, not a potential security breach on TeamViewer's side." The company said that they were not hacked nor was there any security hole. TeamViewer suggested that users should take some precautions to protect themselves.
Responding to the reports of the DoS attack, TeamViewer did admit an attack on its infrastructure. But they refused any connection with the alleged reports of hacking. The company said in a statement, "Some online media outlets falsely linked the incident with past claims by users that their accounts have been hacked and theories about would-be security breaches at TeamViewer. We have no evidence that these issues are related."
If you are a TeamViewer user, you should follow these best practices to keep your account safe.
New Stuxnet-Like Malware Found in the Wild
Researchers at the security firm FireEye have found mysterious malware, named Irongate, which is designed to target industrial processes, specifically, ICS/SCADA equipment that is manufactured by Siemens.
Irongate masks its malicious activities by replacing a Dynamic Link Library (DLL) with a malicious DLL. The DLL works as a broker between a programmable logic controller (PLC) and the monitoring software. It records five seconds of normal traffic and then replays it – the way Keanu Reeves loops tape in the movie Speed. This strategy allows attackers to hide from process operators.
The malware has the same attack traits that were seen in the infamous Stuxnet, which was allegedly created by Israel and the US to sabotage Iran's nuclear program.
FireEye said in a blog post, "Our analysis finds that IRONGATE invokes ICS attack concepts first seen in Stuxnet, but in a simulation environment. Because the body of industrial control systems (ICS) and supervisory control and data acquisition (SCADA) malware is limited, we are sharing details with the broader community."
« Previous 1 2 3 Next »
Buy this article as PDF
(incl. VAT)