Thanks to reader Gary for sending us in a sample of a *Coin miner that he found attacking Port 32764. Port 32764 was recently found to offer yet another backdoor on Sercomm equipped devices
Vulnerability Note VU#758382 Unauthorized modification of UEFI variables in UEFI systems Original Release date: 09 Jun 2014 | Last revised: 09 Jun 2014 Overview Certain firmware implementations may not correctly protect and validate information contained in certain UEFI variables. Exploitation of such vulnerabilities could potentially lead to bypass of security features and/or denial of service for the platform. Description According to Corey Kallenberg, Xeno Kovah, John Butterworth, and Sam Cornwell of the MITRE Corporation, certain UEFI systems contain a vulnerability which could allow unauthorized modification of UEFI variables: As discussed in recent conference publications ( CanSecWest 2014 , Syscan 2014, and Hack-in-the-Box 2014 ) certain UEFI implementations do not correctly protect and validate information contained in the ‘Setup’ UEFI variable
8 retweets 7 favorites
Ross Anderson has an important new paper on the economics that drive government-on-population bulk surveillance: My first big point is that all the three factors which lead to monopoly – network effects, low marginal costs and technical lock-in – are present and growing in the national-intelligence nexus itself. The Snowden papers show that neutrals like Sweden and India are heavily involved in information sharing with the NSA, even though they have tried for years to pretend otherwise. A non-aligned country such as India used to be happy to buy warplanes from Russia; nowadays it still does, but it shares intelligence with the NSA rather then the FSB.
EVP & CTO Mike Fey discusses how McAfee and Siemens are extending their partnership to enhance the security offerings for industrial customers to protect against rapidly evolving global cyber threats.
This presentation introduces McAfee Endpoint Encryption for PC – EEPC. It covers the basic features and highlights how McAfee’s offering is unique.
Colorado based Valley View Hospital loses screengrabs for 5,400 patients going back to Sept '13 via #malware
Colorado based Valley View Hospital loses screengrabs for 5,400 patients going back to Sept '13 via #malware — 7 retweets 0 favorites