Feds, Industry, Battle the Biggest Bug

Wednesday, 12 June 2002, 3:03 PM EST

Four months after a public advisory warned of security vulnerabilities in a ubiquitous Internet remote management protocol, there have been no widespread attacks exploiting the holes. But technology companies and a special U.S. government panel are quietly evaluating the threat of related vulnerabilities in some of America's most critical electronic infrastructures, including the telephone network, the power grid, and the next generation of air traffic control systems.

On February 12th, Carnegie Mellon's Computer Emergency Response Team (CERT) issued a high-profile alert about serious security holes in dozens of implementations of the Simple Network Management Protocol (SNMP) -- the Internet's standard language for monitoring and controlling routers, switches and other devices. It was big news in itself, with nearly two hundred companies forced to evaluate, and in some cases patch, their products. Perhaps owing to CERT's careful behind-the-scenes advance coordination with vendors, months later there have been no reports of mass exploitation of the vulnerabilities.

But while the Internet-oriented CERT warned only about SNMP security holes, the research on which they based their advisory had farther reaching implications.

[ Read more ]




Spotlight

The synergy of hackers and tools at the Black Hat Arsenal

Posted on 27 August 2014.  |  Tucked away from the glamour of the vendor booths and the large presentation rooms filled with rockstar sessions, was the Arsenal - a place where developers were able to present their security tools and grow their community.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Aug 29th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //