Your daily digest of “All Things Security” gathered, collected and researched by your very own 10Fold Security Practice team.
Big items to consider: No breaking news today, just a collection of industry articles. Wired published another article on the vulnerability of medical devices. Black Friday shoppers face point-of-sale malware. A security researcher claims that United Airlines knew of a critical vulnerability that would allow an attacker to completely manage the flight reservation system. Lastly, new information has been released that shows the Sony hackers were hidden for months thanks to a new tool called Damballa.
When you think about the Internet of Things, you probably think of smart refrigerators and smart electric meters, not smart pacemakers, insulin pumps, and x-ray machines. But medical devices and equipment have become increasingly software-based and network-connected, which means they’re now just as vulnerable to the hacks that threaten other digital devices.
Sophisticated malware could be lurking at the checkout waiting to harvest credit card details as US shoppers rush to the stores this week in the annual post-Thanksgiving shop-a-thon. iSight Partners, a threat intelligence company, has discovered a new kind of point-of-sale malware, short for malicious software, that it says is cleverly designed to be difficult to spot and to collect financial details in several different ways.
A security researcher found and reported a critical vulnerability to United Airlines that could allow an attacker to “completely manage any aspect of a flight reservation using United’s website.” He claims United Airlines, which announced a bug bounty program about six months ago, didn’t deploy a fix for five months and only plugged the holes after he threatened to publicly disclose the unpatched vulnerability.
The revelation took place while Damballa was investigating a new sample of Destover when two new utilities were found that could stealthily move through a network. Both enabled the Sony and Saudi Aramco hackers to avoid detection and stay inside the compromised systems for months.