Home connected device users are putting their IoT networks at risk by leaving exposed a common service devices use to seamlessly connect and communicate with each other, according to cybersecurity firm Trend Micro. Hackers recently have been found to exploit the Universal Plug and Play (UPnP) service of poorly configured routers and home networking devices, as evidenced by an attack earlier this year that allegedly hijacked thousands of Chromecast streaming dongles, Google Home devices and smart TVs to play an ad for a YouTuber PewDiePie’s channel. This event prompted Trend Micro researchers dig deeper into UPnP, discovering that the potential to exploit this service remains significant as many home users are leaving UPnP enabled–unknowingly or not–and often with older, unpatched versions of the service installed on devices, they said. “In a nutshell, we found that most devices still use old versions of UPnP libraries,” wrote Tony Yang, a Trend Micro […]
So-called “sextortion” attacks are a growing threat, replacing other e-mail borne threats like spam, ransomware and business e-mail compromise attacks as they increase in sophistication and scope, a new report finds.
Researchers have discovered a new cyber-espionage campaign targeting the organization representing the exiled Tibetan government.
A Russian cyber criminal going by the name of “C0rpz” is believed to be the source of a massive trove of over one billion online credentials known as “Collection 1,” the firm Recorded Future reports.
The Department of Justice (DoJ) filed broad charges against Chinese telecom giant Huawei Technologies Co. Ltd. and its CFO Wanzhou Meng for allegedly stealing trade secrets from U.S. mobile firm T-Mobile and deceiving U.S. stakeholders about its business activity in Iran, among a number of other fraud and conspiracy activities over a 10-year period.