Xen Project dropped the ball on two important security patches when it released a maintenance update for its popular hypervisor software on Tuesday. On its company blog today, Xen acknowledged what it called an “oversight” and attempted to explain what went wrong. However, absent from its updated blog, is a date that Xen Project expects to...

Mike Mimoso and Chris Brook recap last week’s Security Analyst Summit — including lots of IoT and critical infrastructure talk, how a researcher hacked his hospital, news on APTs like Metel and Poseidon, and more. Download: Reflecting_on_SAS_2016.mp3 Music by Chris Gonsalves

TENERIFE, Spain –The rhetoric around hacking the power grid would have you believe it’s a relatively mundane practice. Policymakers, intelligence agencies and vendors, for example, spread the word gleefully, leaning on scenarios such as state-sponsored hackers shutting off the lights in the dead of winter as a scare tactic to glean budget and influence. One...

Attackers have begun using rigged Microsoft Word documents propagated via spearphishing emails to spread the BlackEnergy Trojan. Researchers with Kaspersky Lab’s Global Research and Analysis Team discovered a malicious Word document last week that appears to stem from a campaign against one of the malware’s favorite targets, Ukraine. Russian-speaking actors with the BlackEnergy APT group have...

Researchers have uncovered yet another issue–and potential backdoor–in Advantech’s beleaguered EKI-1322 serial device server. The Dropbear SSH daemon associated with the server, because of heavy modifications, fails to enforce authentication. This makes it so any user who wants to bypass authentication can do so with a public key and password. Dropbear is a more lightweight SSH...

Comcast’s Xfinity Home Security System is vulnerable to attacks that interfere with its ability to detect and alert to home intrusions. Researchers at Rapid7 today disclosed the issue after fruitless attempts to contact and report the problem to Comcast dating back to Nov. 2; Rapid7 did disclose the vulnerability to CERT, which is expected to...

Automation and energy management company Schneider Electric patched a vulnerability in a product line this week that was leaving a handful of programmable automation controllers at risk of being hacked. Thirteen different builds of the Modicon M340 PLC are affected by the vulnerability, a buffer overflow that could let an attacker crash the device, or carry out...