In-brief: A year after Mirai, as many as 100,000 devices, globally, may be running some version of the Mirai malware, while countless others are vulnerable to being enlisted in a Mirai-like attack. Worse: these systems may not be patched for “years,” according to the SANS Internet Storm Center.
Podcast: Play in new window | Download (9.7MB)Subscribe: Apple Podcasts | Android | Email | Google Podcasts | Stitcher | TuneIn | RSS | https://www.securityledger.com/subscribeIn-brief: In the latest Security Ledger podcast we talk about pending right to repair laws and their impact on the Internet of Things. Also: Facebook’s Internet Defense Prize went to a better method for spear phishing detection. We talk to a member of the winning team. And, Johannes Ullrich of The Internet Storm Center joins us to talk about a study he did to measure the frequency of attacks on a common IoT device: digital video recorders.
In-brief: After seeding the globe with hackable DVRs and webcams, Zhejiang Dahua Technology Co., Ltd. of Hangzhou, China will be working with the U.S. firm Synopsys to “enhance the security of its Internet of Things (IoT) devices and solutions.”
In-brief: In just the last week, remotely exploitable security holes cropped up in hundreds of models of IP enabled security cameras and recorders as well as a popular line of network attached storage (NAS) devices. The culprit? Shoddy firmware and lax oversight by vendors. When will it end??
In-brief: More than 14,000 Internet domains stopped using managed DNS services from Dyn, the New Hampshire based company, following an October botnet attack on the company, data from Bitsight suggests.