Security News
TechRepublic Premium: IT physical security policy. This policy will help your organization safeguard its hardware, software and data from exposure to persons who could intentionally or inadvertently harm your business and/or damage physical assets. From the policy: PHYSICAL SECURITY GUIDELINES AND REQUIREMENTS. The following guidelines should be followed in designing and enforcing access to IT assets.
Researchers have disclosed details of three new security vulnerabilities affecting operational technology products from CODESYS and Festo that could lead to source code tampering and denial-of-service. The vulnerabilities, reported by Forescout Vedere Labs, are the latest in a long list of flaws collectively tracked under the name OT:ICEFALL. "These issues exemplify either an insecure-by-design approach - which was usual at the time the products were launched - where manufacturers include dangerous functions that can be accessed with no authentication or a subpar implementation of security controls, such as cryptography," the researchers said.
A 22-year-old student whom German federal police believe to be the administrator of one of the largest German-speaking dark-web forums has been arrested. According to German law enforcement, the student, from Lower Bavaria, served as the operator of the third version of Deutschland im Deep Web since November 2018.
German newspaper 'Heilbronn Stimme' published today's 28-page issue in e-paper form after a Friday ransomware attack crippled its printing systems. On Saturday, the newspaper issued an "Emergency" six-page edition while all planned obituaries were posted on the website.
It's enough to keep business owners and security professionals worried that they are also exposed, be it through an overlooked vulnerability baked into their devices or an unknown, exploitable weakness in their software. Dell and Intel know that the only way to reliably secure business devices and networks is through a harmonization of hardware and software security technologies working in concert.
The Association of German Chambers of Industry and Commerce (DIHK) was forced to shut down all of its IT systems and switch off digital services, telephones, and email servers in response to a cyberattack. DIHK is a coalition of 79 chambers representing companies within the German state, with over three million members comprising businesses ranging from small shops to large enterprises in the country.
Cybersecurity researchers have discovered a number of malicious packages in the NPM registry specifically targeting a number of prominent companies based in Germany to carry out supply chain attacks. "Compared with most malware found in the NPM repository, this payload seems particularly dangerous: a highly-sophisticated, obfuscated piece of malware that acts as a backdoor and allows the attacker to take total control over the infected machine," researchers from JFrog said in a new report.
A years-long phishing campaign has targeted German companies in the automotive industry, attempting to infect their systems with password-stealing malware. These sites are used to send phishing emails written in German and host the malware payloads downloaded to targeted systems.
German police have located and closed down the servers of Hydra, allegedly one of the world's biggest underground online stores. According to a report from the BBC, locating the actual servers used to run Hydra was not an easy task, but German police said they started following up on a tip in the middle of 2021 that suggested the servers were actually hosted in Germany.