Useful Links

Recent Posts

Archive:

Scary Security Developments

16 July 2010

There's a report out of a new vulnerability in Windows. That alone isn't particularly significant. There are, however, two interesting and scary things about the malware that exploited this flaw.

First, the code included two drivers that were digitally signed by a reputable company, Realtek. That is, the source of the code was strongly identified. Perhaps such schemes aren't that helpful as a security measure.

The second thing I noticed was the target of the code: a SCADA system. If you're going to launch a cyberwar or engage in cyberextortion, this is the sort of tool you want.

So — we have a 0-day attack that has bypassed a crucial authentication scheme to do really dangerous things to critical infrastructure, and it's in the wild. That's scary.

Permalink