Robert Lemos

About

Robert Lemos is an award-winning journalist who has covered information security, cybercrime and technology's impact on society for almost two decades. A former research engineer, he's written for Ars Technica, CNET, eWEEK, MIT Technology Review, Threatpost and ZDNet. He won the prestigious Sigma Delta Chi award from the Society of Professional Journalists in 2003 for his coverage of the Blaster worm and its impact, and was named one of the SANS Institute's Top Cybersecurity Journalists in 2010 and 2014.

Damage to German Factory Shows Danger of ICS Hacks

A German steel factory suffered a major cyber-attack, causing physical damage to the plant’s systems, according to a report published this week, which underscored that industrial-control networks need to be better secured against online attackers, experts said. The attack resulted in “massive damage” to the physical systems; a number of “system breakdowns resulted in an […]

North Korea’s Internet Still Unstable, Following U.S. Accusations

A moderate-sized denial-of-service attack has disrupted North Korea’s Internet service, making government and university Websites largely unavailable for the past 24 hours, but security experts do not believe the U.S. government to be behind the attack. The attack used a technique known as amplification to inundate North Korea’s small Internet address block with Network Time […]

Four Flaws Expose Critical Network Time-Keeping Servers to Attack

Four security vulnerabilities in a popular program for synchronizing time on Internet-connected computers could be used to compromise tens of thousands, and possibly millions, of servers, according to security experts. The vulnerabilities are in the ntpd server program, which is a popular open-source service used on Linux servers and other systems to implement the Network […]

FBI Investigation Confirms North Korea Behind Sony Network Breach

The Federal Bureau of Investigation confirmed on Dec. 19 that the United States has concluded that the government of North Korea is the culprit behind the attack that has disrupted Sony Pictures Entertainment’s business. In a statement published on the law enforcement agency’s Website, the FBI and private-industry experts concluded that the attack showed similarities […]

Bad Web Bots Account for One in Three Visitors to Sites

Automated Web systems, or bots, conducting a variety of reconnaissance and attack activities accounted for 29 percent of all Web traffic in 2014, according to a report published on Dec. 18 by Web security firm Incapsula. The greatest proportion of bad bot traffic, about 22 percent, were automated impersonators, which gather information from Web sites […]

Cyber Attackers Increasingly Sneaking Corporate Data Out Through DNS

For years, researchers have studied the use of domain-name service (DNS) traffic as a way to hide attackers’ communications. Now, companies are increasingly encountering the tactic, according to a survey released on Dec. 16 by infrastructure-security firm Cloudmark. About 46 percent of companies detected data leaving their network through DNS communications, the survey of 300 […]

Worm Burrows Into Storage Servers Via Shellshock Flaw

Attackers are targeting a popular brand of network-attached storage (NAS) systems using the well-known Shellshock vulnerability to compromise the devices and install a backdoor that automatically scans for more potential victims, according to security researchers. The attack, which qualifies as a worm, uses a previously known vulnerability in popular NAS devices made by QNAP, according […]

Sony Left Passwords, Code-Signing Keys Virtually Unprotected

The hackers that compromised Sony Pictures Entertainment’s network leaked extremely sensitive information-technology credentials, including a collection of passwords and hundreds of certificates, one of which was used to sign the same malware used by the attackers to compromise the company. On Dec. 9, security firm Kaspersky Lab revealed that its products detected “an unusual sample” […]

Less Well-Known Enterprise App Flaws Pose Big Threat, Says Report

Microsoft and Adobe both released patches for critical vulnerabilities on Dec. 9, the final Patch Tuesday of the year, but other companies, such as IBM and Oracle, have to patch a greater number of flaws each quarter, according to an analysis by security firm Secunia. In its third-quarter report released on Dec. 9, the vulnerability-management […]

Hacker Group Reportedly Threatens Sony Employees

A group claiming to be the hackers that breached Sony Pictures Entertainment’s network and leaked massive volumes of sensitive employee and business data reportedly threatened the company’s employees and their families in an email message. On Dec. 5, a message from a group calling itself the “Guardians of Peace” to Sony Pictures’ workers announced that […]