Home connected device users are putting their IoT networks at risk by leaving exposed a common service devices use to seamlessly connect and communicate with each other, according to cybersecurity firm Trend Micro. Hackers recently have been found to exploit the Universal Plug and Play (UPnP) service of poorly configured routers and home networking devices, as evidenced by an attack earlier this year that allegedly hijacked thousands of Chromecast streaming dongles, Google Home devices and smart TVs to play an ad for a YouTuber PewDiePie’s channel. This event prompted Trend Micro researchers dig deeper into UPnP, discovering that the potential to exploit this service remains significant as many home users are leaving UPnP enabled–unknowingly or not–and often with older, unpatched versions of the service installed on devices, they said. “In a nutshell, we found that most devices still use old versions of UPnP libraries,” wrote Tony Yang, a Trend Micro […]
Attacks against smart devices are surging, with both old and new threats targeting connected devices that remain largely unsecured, according to researchers at Kaspersky Lab.
Though they are some of the oldest cyber attacks, Distributed Denial of Service (DDoS) attacks show no signs of going away, with an increase in the number, scope and sophistication of DDoS attacks in the past year, according to a recent report by cloud-delivery platform provider Akamai Technology.
Three men have pleaded guilty in U.S. federal court for their role creating and renting out the Mirai botnet, which launched damaging denial of service attacks against the U.S. firm Dyn and other online properties, the website Krebs on Security reports.
In-brief: Far from ‘breaking’ the public key encryption (PKI) model, the Internet of Things is poised to turbocharge PKI adoption and revolutionize online identity, DigiCert CTO Dan Timpson writes.