In-brief: A hard coded firmware password could provide remote hackers with access to a wide range of home broadband routers, underscoring the risk posed by shared hardware and software, according to an alert from Carnegie Mellon University’s CERT this week.
Andrey Belenko had what you might call a ‘brush with infamy’ earlier this week after a presentation he took part in on the security of Apple’s iCloud became a set piece in the news media scramble to identify the source of a huge trove of leaked celebrity photos – many depicting Hollywood A-List stars in various states of undress. “It’s not the kind of attention you want to receive,” said Belenko, a security researcher with the firm ViaForensics. “It’s all really creepy stuff.” Belenko’s link to the celebrity hacking scandal was a matter of happenstance. He was scheduled to give a presentation at a small, St. Petersburg multi-media conference, Chaos Constructions, over the weekend. Belenko was presenting research he had conducted a year earlier on the security of Apple’s KeyChain technology and iCloud – a talk he had given twice before in the last year. Prior to his talk, Belenko […]
In this episode of The Security Ledger Podcast (#255) host Paul Roberts interviews Niels Provos of Lacework about his mission to use EDM to teach people about cybersecurity.
In this episode of the Security Ledger podcast, brought to you by ReversingLabs, we interview Danny Adamitis (@dadamitis) of Black Lotus Labs about the discovery of ZuoRAT, malware that targets SOHO routers – and is outfitted with APT-style tools for attacking the devices connected to home networks. As always, you can check our full conversation in our latest Security Ledger podcast at Blubrry. You can also listen to it on iTunes and Spotify. Or, check us out on Google Podcasts, Stitcher, Radio Public and more. Also: if you enjoy this podcast, consider signing up to receive it in your email. Just point your web browser to securityledger.com/subscribe to get notified whenever a new podcast is posted. [MP3] Cyber attacks on small office and home office (or SOHO) routers aren’t new. Back in 2016, the malware known as Mirai made headlines across the world by infecting hundreds of thousands of weekly protected SOHO routers and DVR devices and stringing them into […]
Data breaches relating to unsecured Internet of Things devices have jumped by more than 10 percent since 2017, suggesting security efforts aren’t keeping pace with the growth of the Internet of Things, a new study finds.
