Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Database Security
Authentication
Mobile
Privacy
Compliance
Careers and People
Identity & Access Management
Security Monitoring
Advanced Threats
Insider Threats
Vulnerability Management
Comments
Zombie Alert Hoax: Emergency Broadcast System Hacked
Newest First  |  Oldest First  |  Threaded View
anon3846919518
anon3846919518,
 User Rank: Apprentice
7/8/2013 | 4:26:20 PM
re: Zombie Alert Hoax: Emergency Broadcast System Hacked
Wasn't one of those mobile roadside alert signs hacked with "Zombies Ahead" a few years ago, or was that just a good photoshop job? Either way, this whole zombie apocalypse thing is just annoying. I think you can actually sign up for zombie alerts here. http://www.alertbroadcast.com, but I don't know if you'll actually need them...BECAUSE ZOMBIES DON'T EXIST!
PJS880
PJS880,
 User Rank: Ninja
2/19/2013 | 7:06:53 AM
re: Zombie Alert Hoax: Emergency Broadcast System Hacked
I had to chuckle when I read this, a public service announcement about zombies and people bought it. I also find it amusing that if convicted their perpetrators only misdemeanor charges along with a measly $1000 fine. I thought that if the organizations do not change the default settings on these devices then they could be easily hacked. This has been going on for years and apparently it is still going on today.

Paul Sprague
InformationWeek Contributor
OtherJimDonahue
OtherJimDonahue,
 User Rank: Apprentice
2/13/2013 | 5:31:17 PM
re: Zombie Alert Hoax: Emergency Broadcast System Hacked
Oh, wake up, people. They only want you to think it was a hoax.

Jim Donahue
Copy Chief
InformationWeek
Andrew Hornback
Andrew Hornback,
 User Rank: Apprentice
2/13/2013 | 5:16:26 AM
re: Zombie Alert Hoax: Emergency Broadcast System Hacked
I guess that FEMA hasn't worked out the bugs, even since the November 2011 calamity. Although, given the show content, I'd have to wonder if people were actually expecting a warning about zombies or if they would have preferred being switched over to a shopping network or a music video channel showing a Lady GaGa video.

Going to make for some interesting questions at the next IPAWS meeting, that's for sure. :)

Andrew Hornback
InformationWeek Contributor
jc
jc,
 User Rank: Apprentice
2/12/2013 | 8:35:23 PM
re: Zombie Alert Hoax: Emergency Broadcast System Hacked
I have also seen a "Caution Zombies Ahead" sign in San Francisco recently, and according to the CDC, it's only a matter of time: http://www.cdc.gov/phpr/zombie...
Deirdre Blake
Deirdre Blake,
 User Rank: Apprentice
2/12/2013 | 7:28:55 PM
re: Zombie Alert Hoax: Emergency Broadcast System Hacked
Now that's just funny!


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The 10 Most Impactful Types of Vulnerabilities for Enterprises Today
Managing system vulnerabilities is one of the old est - and most frustrating - security challenges that enterprise defenders face. Every software application and hardware device ships with intrinsic flaws - flaws that, if critical enough, attackers can exploit from anywhere in the world. It's crucial that defenders take stock of what areas of the tech stack have the most emerging, and critical, vulnerabilities they must manage. It's not just zero day vulnerabilities. Consider that CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilitlies in widely used applications that are "actively exploited," and most of them are flaws that were discovered several years ago and have been fixed. There are also emerging vulnerabilities in 5G networks, cloud infrastructure, Edge applications, and firmwares to consider.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2023-1142
PUBLISHED: 2023-03-27
In Delta Electronics InfraSuite Device Master versions prior to 1.0.5, an attacker could use URL decoding to retrieve system files, credentials, and bypass authentication resulting in privilege escalation.
CVE-2023-1143
PUBLISHED: 2023-03-27
In Delta Electronics InfraSuite Device Master versions prior to 1.0.5, an attacker could use Lua scripts, which could allow an attacker to remotely execute arbitrary code.
CVE-2023-1144
PUBLISHED: 2023-03-27
Delta Electronics InfraSuite Device Master versions prior to 1.0.5 contains an improper access control vulnerability in which an attacker can use the Device-Gateway service and bypass authorization, which could result in privilege escalation.
CVE-2023-1145
PUBLISHED: 2023-03-27
Delta Electronics InfraSuite Device Master versions prior to 1.0.5 are affected by a deserialization vulnerability targeting the Device-DataCollect service, which could allow deserialization of requests prior to authentication, resulting in remote code execution.
CVE-2023-1655
PUBLISHED: 2023-03-27
Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.4.0.