Three men have pleaded guilty in U.S. federal court for their role creating and renting out the Mirai botnet, which launched damaging denial of service attacks against the U.S. firm Dyn and other online properties, the website Krebs on Security reports.
In this week’s Security Ledger podcast, sponsored by our friends at CyberArk, we talk about the German government’s recent decision to declare kids smart watches “surveillance devices” and to order their destruction. Also: Adrian Shabaz of Freedom House comes in to talk to us about the latest Internet Freedom report, which finds that governments are increasingly manipulating online content to shape online discussions and even the outcome of elections at home and abroad. And finally: leaked credentials in a GitHub repository may have been behind Uber’s loss of information on some 50 million customers. In a preview of a Security Ledger spotlight podcast, we hear from Elizabeth Lawler of CyberArk about the proliferation of so-called “Dev Ops secrets” and how companies need to do a better managing the permissions assigned to applications.
Low-hanging Internet of Things security fruit may be left unpicked, as connected device makers fret about the predation of sophisticated hackers, but balk at simple security fixes, a Security Ledger and LogMeIn survey finds. You can download the full report here in PDF format.
In-brief: A year after Mirai, as many as 100,000 devices, globally, may be running some version of the Mirai malware, while countless others are vulnerable to being enlisted in a Mirai-like attack. Worse: these systems may not be patched for “years,” according to the SANS Internet Storm Center.
In-brief: After legislation in five states stalled in the Spring, states like Massachusetts will be on the front line of renewed efforts to pass pro-consumer laws that create a “right to repair” for cell phones, medical devices and other software-driven products. At stake could be the right of consumers to control Internet of Things devices they purchase for use in their home, on their person or in their business.
