In-brief: Cisco Systems has patched a serious security hole in its Prime Home, a network management tool that it markets as a way for service providers to manage “Internet of Things” devices in connected (“smart”) homes.
Internet Service Provider
FCC Wary of Security Mandates for Internet of Things | Morning Consult
In-brief: Despite urging from lawmakers on Capitol Hill, the FCC is wary of changing rules to give ISPs a freer hand in cutting off access for infected Internet of Things devices, according to a report.
The Worm (Re)Turns, Targets Embedded Linux AirOS
In-brief: A self-reproducing Internet worm is spreading globally, infecting embedded systems running AirOS, Linux-based firmware that runs hardware like wireless routers and wireless access points.
GSMA Announces Security Guidelines to Support Growth of the Internet of Things
In-brief: New guidelines from a leading mobile industry trade group seek to set standards for securing deployments of Internet of Things device.
Vigilante botnet highlights woeful state of embedded device security
A mysterious piece of software, dubbed Wifatch, has been infecting tens of thousands of Linux-based home routers and, according to experts at Symantec, attempts to secure them from attack. But Wifatch’s benevolent intentions shouldn’t obscure its malicious actions, or the security problems that it takes advantage of. The malicious software runs on vulnerable, Linux-based home routers. There, it removes other malware infections, disables vulnerable services like Telnet and even prompts users to update their administrator user name and password to prevent compromise, according to a post on Symantec’s blog. But the malware is still spreading between vulnerable systems without the owners consent and could easily be pressed into service distributing spam or malicious software, experts note. According to Symantec, Wifatch is likely spreading between infected devices by targeting exposed Telnet interfaces and using brute force password attacks to gain access to the devices. Tens of thousands of devices may have been infected […]
