G DATA Blog – Backdoor to the Heart

What may sound harmless and romantic as a headline is in reality a serious and dangerous matter. Tim Berghoff of our security partner G DATA reports in his blog post on security vulnerabilities in an American pacemaker with an internal defibrillator. The device has an online connection via a radio transmitter. Although this is intended for monitoring the device's functions and readings online, the vulnerabilities make it possible to influence the control of the device from outside, which is essentially a horror scenario for those affected.

Other examples cited include disabling the ventilation function of a network-connected anesthesia machine, and manipulated insulin and infusion pumps that can be remotely controlled to administer lethal doses.

You can find the very interesting G DATA blog post here.

Our readers already know that this topic is not new. At the Troopers security conference, the Norwegian security researcher Marie Moe, who herself has a pacemaker, and Dr. Kevin Fu pointed out the dangers in detail. We published a post on this in the past, which can be viewed again here.

Cisco PSIRT – Mitigating and Detecting Potential Abuse of Cisco Smart Install Feature

By Michael Schueler. Cisco PSIRT has become aware of attackers potentially abusing the Smart Install (SMI) feature in Cisco IOS and IOS XE Software. While this is not considered a vulnerability, PSIRT published a Cisco Security Response on February 14, 2017 to inform customers about possible abuse of the Smart Install feature if it remains enabled after device […]

Source:: Cisco Security Notice

Cisco Coverage for Smart Install Client Protocol Abuse

By Talos Group. Summary: Talos has become aware of active scanning against customer infrastructure with the intent of finding Cisco Smart Install clients. Cisco Smart Install is one component of the Cisco Smart Operations solution that facilitates the management of LAN switches. Research has indicated that malicious actors may be leveraging detailed knowledge of the Smart Install Protocol to […]

Source:: Cisco Security Notice

Vulnerability Spotlight: Multiple remote code execution vulnerabilities in Iceni Argus PDF Content Extraction affect MarkLogic

By Talos Group. Overview: Talos has discovered multiple vulnerabilities in Iceni Argus PDF content extraction product. Exploiting these vulnerabilities can allow an attacker to gain full control over the victim’s machine. Although the main product is deprecated by Iceni, the library is still supported. Iceni has released a patched version that addresses these vulnerabilities. Nevertheless, the library is […]

Source:: Cisco Security Notice

Recognized Excellence in Trustworthy Product Development and Pervasive Data Protection

By John N. Stewart. Last week at RSA, the 2017 Info Security Products Guide Global Excellence Awards honored three teams from the Cisco Security and Trust Organization for their work in leading security practices.

Source:: Cisco Security Notice

Korean MalDoc Drops Evil New Years Presents

By Talos Group. This blog was authored by Warren Mercer and Paul Rascagneres. Talos has investigated a targeted malware campaign against South Korean users. The campaign was active between November 2016 and January 2017, targeting a limited number of people. The infection vector is a Hangul Word Processor document (HWP), a popular alternative to Microsoft Office for South Korean users […]

Source:: Cisco Security Notice

Serenity Now! A better way to malware analysis.

By Joe Malenfant. Over the last half decade the term sandboxing has become so pervasive, many customers I speak to have forgotten what it’s for! Sandboxing is a type of malware analysis – dynamic malware analysis to be exact. You execute a sample / file in a virtual environment and see what happens. There are numerous other types […]

Source:: Cisco Security Notice

Tech Quickie #1 – Factory Reset on the Innovaphone IP241

Today we present the first episode of our new video format. Here we explain what it will be about:

The first episode covers the factory reset on the Innovaphone IP241, IP240, IP230 and IP240A. It is fairly rare that you have to reset an Innovaphone endpoint to factory settings, but precisely because it does not happen often, you cannot find the function when the moment comes. Here we show how it is done:

Cisco Firepower 2100 Series Delivers Business Resiliency and Effective Security with a New Architectural Approach

By David C. Stuart. We live in a time when lines in IT are blurring, and the line between security and network operations is just one example. When organizations are breached, their network is imperiled and business can suffer. Resiliency, performance, and threat defense are increasingly intertwined. No one understands this better than Cisco, with our decades of network […]

Source:: Cisco Security Notice

Vulnerability Spotlight: Multiple Vulnerabilities in the Aerospike NoSQL Database Server

By Talos Group. Vulnerabilities discovered by Talos: Talos is releasing multiple vulnerabilities discovered in the Aerospike Database Server. These vulnerabilities range from Denial of Service to potential remote code execution. This software is used by various companies that require a high performance NoSQL database. These issues have been addressed in version 3.11.1.1 of the Aerospike Database software. The […]

Source:: Cisco Security Notice