Monday, November 16, 2015

The USA military armament has “great cybersecurity failures”

The military artillery systems are part of the Internet of the Things too and, like this, have important cybersecurity failures. The USA Government  will dedicate 200 million dollars to securize them better. We’ll see if they achieve it. Today we talk also about a virus which entered in a police’s camera, of thousand vulnerable Java applications and also about fatal 0day on Chrome.

The president of the Unite States, Barack Obama, has compromised to sign an order for the Pentagon to secure its weapon systems against cyberattacks. The last year, a complete inspection of armament detected “important vulnerabilities” like misconfigured programs, weak passwords and another failures that allow to assault the systems with “amateur-intermediate” level skills. Another analysis make to drones, sensors, missiles and other systems detected similar problems.

Knowing that, we don’t surprise so much with a curious new of today: a virus was discovered, specifically Conficker, a worm, in a handheld cameras sold to the police and government agencies around the world and only manufactured for these entities. When the camera was plug in to a computer to download the videos and pictures, the video infected the computer and tried to infect the rest of computers of the same network.

Thousands of Java apps in danger

It would be a misfortune that a virus assaults a weapon making it aim badly when fired. But we don’t need weapons to have a disgust. With the software holes we have distractions for a while. Today we read that a vulnerability in a Java library, which affects to a thousand applications and it had discovered in June, but it hadn’t been solved yet. It has been necessary somebody creating an exploit to make Oracle publish recommendations to mitigate it and announce that they are working in a patch.

Better don´t use Chrome in Android

We finish with an information from last Friday, when we had closed the edition of our daily post and we just could post it on Twitter. Giving the importance of this new, we talk about it today: a failure in the Chrome browser for Android allows attackers to have total access to the smartphone of their victim, no matter the Android version used. Just visiting a website where the exploit was hiding it would be enough to get infected. Just in case and until Google launches the patch, we recommend use alternative browsers.

And that was our Monday’s security summary. We wish our readers a happy week.


Post a Comment