More vulnerabilities in SCADA systems

from Slashdot:

"It is open season on SCADA software right now. Last week, researchers at ReVuln, an Italian security firm, released a video showing off a number of zero-day vulnerabilities in SCADA applications from manufacturers such as Siemens, GE and Schneider Electric. And now a researcher at Exodus Intelligence says he has discovered more than 20 flaws in SCADA packages from some of the same vendors and other manufacturers, all after just a few hours' work."

Related story: Critical infrastructure software has fundamental security vulnerabilities - warning, ComputerWorld

Crime doesn't pay

or be careful whom you attack (source: Slashdot):

"A pretrial hearing in the case against accused LulzSec hacker Jeremy Hammond this week ended with the 27-year-old Chicago man being told he could be sentenced to life in prison for compromising the computers of Stratfor. Judge Loretta Preska told Hammond in a Manhattan courtroom on Tuesday that he could be sentenced to serve anywhere from 360 months-to-life if convicted on all charges relating to last year's hack of Strategic Forecasting, or Stratfor, a global intelligence company whose servers were infiltrated by an offshoot of the hacktivist collective Anonymous.

New rootkit injects iFrames

A few days ago, an interesting piece of Linux malware came up on the Full Disclosure mailing-list. It's an outstanding sample, not only because it targets 64-bit Linux platforms and uses advanced techniques to hide itself, but primarily because of the unusual functionality of infecting the websites hosted on attacked HTTP server - and therefore working as a part of drive-by download scenario.


Hacking techniques 2012

I was reviewing TrendMicro's Russian Underground 101 report, which a friend forwarded to me. The interesting thing is that the report can serve as a list of the techniques used by today's hackers: file encryption, dedicated servers, proxies, VPNs, application-level attacks (SQLI, etc.), social engineering, and so on.

Territorial reserve

The idea has been coming up lately: the creation of a territorial cyber-reserve to help defend the country in the event of cyber-war.

Following Sandy, DHS seeks security ‘Cyber Reserve’
By Taylor Armerding

November 02, 2012 — CSO — The damage to the electrical grid from Superstorm Sandy is just a taste of what could happen from a major cyberattack, says Department of Homeland Security (DHS) Secretary Janet Napolitano.

And a DHS task force said this week that one way to minimize that kind of risk is to recruit a "Cyber Reserve" of computer security pros that could be deployed throughout the country to help the nation defend and recover from such an attack.

Napolitano and other high government officials have been preaching about the escalating threats, particularly from hostile nation states like Iran, Russia and China, for some time.
The Hill reported that at a cybersecurity event hosted by the Washington Post, Napolitano said while recent news has been about financial institutions being hit with Distributed Denial of Service (DDoS) attacks, the nation's control systems for major infrastructure like utilities and transportation infrastructure were also being targeted.

The Secretary used Hurricane Sandy to make the point. "If you think that a critical systems attack that takes down a utility even for a few hours is not serious, just look at what is happening now that Mother Nature has taken out those utilities," Napolitano said.


full story at CSO

7 things about Russian cybercrime

7 things you didn't know about Russia's cybercrime market

Last Tuesday, security firm Trend Micro released a research paper summarizing -- with several tantalizing details, naturally -- the cybercriminal underground in Russia, and it's an eye-opening read, to say the least.
The paper is based on data gathered from online forums and services used by Russian cybercriminals, contextualized by articles written by hackers on their activities. In other words, the company toured the badlands so you don't have to, and is now reporting back with intelligence.
We're not talking about hobbyists, by the way. We're talking about people who make a living doing this.
If you regularly peruse popular cybercrime forums such as,, and, none of this will be news to you. But if you run a company that handles sensitive data -- these days, that's basically all of them -- there are some things you might like to know.
Seven things you probably didn't know:

Vulnerable smart meters

A recent study shows that the smart meters used to read electricity consumption remotely may be vulnerable and may expose users' private information. The study concerns smart meters that communicate wirelessly (there are others that communicate over the power grid).

Automated meter reading systems make life easy for intruders

Intruders of the break-in and snooping variety have their work cut out for them by just picking up wireless signals that are broadcast by utility meters, say researchers from the University of South Carolina at Columbia, IEEE and Rutgers. As with many other technological advances that bring new pathways for criminals, advances in meters have created concerns about intrusions. Millions of analogue meters to measure water, gas and electricity consumption have been replaced by automated meter reading (AMR) in the U.S. The newer method enables devices to broadcast readings by radio every 30 seconds for utility company employees to read as they walk or drive around with a receiver.

Full story at

An aerial view of the neighborhood where the researchers performed their eavesdropping experiments. Each blue triangle or red star represents a group of four or five meters mounted in a cluster on an exterior wall. Using an LNA and a 5 dBi omnidirectional antenna, they were able to monitor all meters in the neighborhood. Some sniffed meters may be out of the scope of this view. Credit: Ishtiaq Rouf et al.
(with thanks to Diego Kreutz)