SoylentNews is people
SoylentNews
Security researchers at FireEye / Mandiant [say] "We identified the presence of a financially-motivated threat group that we track as FIN1, whose activity at the organisation dated back several years."
[...] "FIN1 used this malware to access the victim environment and steal cardholder data. The group, which may be located in Russia, is known for stealing data that is easily monetised from financial services organisations such as banks, credit unions, ATM operations, and financial transaction processing and financial business services companies."
[...] The malware's installation location also means it will persist even after re-installing the operating system, widely considered the most effective way to eradicate malware.
Can we all agree that updating firmware should require the movement of a physical jumper?
(Score: 1) by anubi on Wednesday December 09 2015, @04:43AM
I am building industrial Arduino-compatibles.
MODBUS (RTU) / SCADA compatible. Uses a graphical HMI. As well as all those nifty little Arduino I2C interfaces.
One thing I am extremely concerned with is that I do not allow the thing to get into programming mode until the jumper to force a reset at the appropriate time is in place.
The question I have for this forum is.... just how easy is it to pwn an Arduino if you are only allowed to talk to it via its serial port?
"Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]