A remote vulnerability has been discovered in the operating system of wind turbines of the major U.S.-based manufacturer XZERES. It can be exploited to gain full administrative access to single wind turbines and clusters of them.
Like almost everything nowadays, even a wind turbine apparently has to come with a shiny web interface to manage it. It is nothing new that especially these are often the weak spot that can play a major role in an exploitation process. Continue reading
For the first time Beijing officially admits that it has special cyber units in its military and intelligence sectors. Up until now China always dismissed any allegations that it has a cyber army that can be used in targeted attacks on networks, as well as critical infrastructure such as gas pipelines and power grids. For years many suspected that China’s government was involved in hacking attacks on U.S. corporations to leak trade secrets, but Beijing never admitted its involvement and denied it had a cyber army. Continue reading
At the hacking competition Pwn2Own, serious security vulnerabilities were discovered in all major browsers, which includes Google Chrome, Apple Safari, Mozilla Firefox and Microsoft Internet Explorer. This year the star of the show was South Korean security researcher JungHoon Lee, who goes by the nick name lokihardt. During the event he made a total of $225.000 in bug bounties, due to the amount and severity of the security related bugs he discovered. Continue reading