In-brief: Researchers at universities in Germany, working with the security firm Trend Micro, discovered more than 100 vulnerabilities in GitHub code repositories simply by looking for re-used code from tutorials and other free code samples. The same method could be harnessed by cyber criminals or other sophisticated attackers to find and exploit vulnerabilities in software applications, the researchers warned.
supply chain
Dbl Trouble: Fix Falls Short for Backdoor in China-Made Devices
In-brief: A hidden backdoor account affects a line of VoIP gateways made by DblTek, researchers from Trustwave found. The manufacturer's fix, however, may not solve the problem.
Combustible Hoverboards to Hackable Cameras – it's the Supply Chain, Stupid | Quartz
In-brief: An article in Quartz finds a common theme in stories about the massive denial-of-service attacks from IoT botnets and exploding hoverboards: a sketchy global supply chain.
Land Rush: Race is On To Hack Vulnerable IoT Devices
In-brief: Cyber criminal groups are racing to gain control over a population of insecure “Internet of Things” devices, with new malware families targeting embedded devices appearing at a steady rate and a noticeable uptick in so-called “brute force” password guessing attacks against embedded systems.
Shoddy Supply Chain Lurks Behind Mirai Botnet
In-brief: A shared, China-based supplier of management software is the common thread that ties together the myriad digital video recorders, IP-based cameras and other devices that make up the Mirai botnet, according to analysis by the firm Flashpoint.