Feds, Industry, Battle the Biggest Bug

Wednesday, 12 June 2002, 3:03 PM EST

Four months after a public advisory warned of security vulnerabilities in a ubiquitous Internet remote management protocol, there have been no widespread attacks exploiting the holes. But technology companies and a special U.S. government panel are quietly evaluating the threat of related vulnerabilities in some of America's most critical electronic infrastructures, including the telephone network, the power grid, and the next generation of air traffic control systems.

On February 12th, Carnegie Mellon's Computer Emergency Response Team (CERT) issued a high-profile alert about serious security holes in dozens of implementations of the Simple Network Management Protocol (SNMP) -- the Internet's standard language for monitoring and controlling routers, switches and other devices. It was big news in itself, with nearly two hundred companies forced to evaluate, and in some cases patch, their products. Perhaps owing to CERT's careful behind-the-scenes advance coordination with vendors, months later there have been no reports of mass exploitation of the vulnerabilities.

But while the Internet-oriented CERT warned only about SNMP security holes, the research on which they based their advisory had farther reaching implications.

[ Read more ]




Spotlight

Internet Explorer vulnerabilities increase 100%

Posted on 23 July 2014.  |  Bromium Labs research determined that Internet Explorer vulnerabilities have increased more than 100 percent since 2013, surpassing Java and Flash vulnerabilities.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Wed, Jul 23rd
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //