An old protocol found in SOHO routers may be responsible for recent DrDoS attacks, says the security steam at Akamai. Akamai, through the company’s Prolexic Security Engineering & Research Team (PLXsert), issued an alert today for an old protocol that could be used in Distributed Reflection Denial of Service attacks (DrDoS) attacks. Routing Information Protocol v1 (RPIv1) allows routers in small networks to share route information. For example a router running RIPv1 would send a request over UDP 520 when it is first powered on and other devices on the network, listening for this request, would send the new router a list of routes. In this case the list of routes would be sent instead to a designated target. It has since been replaced with RIPv2 but many older units still have RIPv1 enabled by default. “This version of the RIP protocol was first introduced in 1988 – more than […]
Search Results for "home router"
FBI Seizes Dozens of Online ‘Dark Markets’
The news yesterday was that the FBI arrested a 26 year-old San Francisco man responsible for operating Silk Road 2.0 – an anonymous, online marketplace for illicit goods. The news on Friday is that Silk Road was just the tip of the iceberg. On Friday, the FBI and announced that it has seized dozens of other so-called “dark market” websites offering a range of illegal goods and services for sale on the “Tor” network. The coordinated take downs are the “largest law enforcement action to date against criminal websites operating on the ‘Tor’ network,” the FBI said in a statement. “We shut down the original Silk Road website and now we have shut down its replacement, as well as multiple other ‘dark market’ sites allegedly offering all manner of illicit goods and services, from firearms to computer hacking,” said Manhattan U.S. Attorney Preet Bharara The take-downs were part of a coordinated law enforcement action […]
The Key to Security in the Internet of Things – IEEE Spectrum
IEEE Spectrum has an article that provides a nice overview of security and privacy issues on the Internet of Things. The article by Mark Anderson highlights a number of the issues that have cropped up on these pages as well, namely: the rush to market in the consumer IoT space (much of it driven by crowd funding sites like IndieGoGo and Kickstarter) the lack of a strong business case for (consumer) manufacturers to build security into IoT products the tendency of large manufacturers to pursue siloed security standards that thwart efforts to build devices interconnect with other IoT infrastructure (other devices, routers, etc.) So far efforts to coordinate IoT development around a single platform or set of standards have been reduced to predictable turf battles: Google’s Thread versus multi-vendor efforts like TheAllSeen Alliance, The Open Interconnect Consortium, The Industrial Internet Consortium versus Apple HomeKit and HealthKit and others. In the […]
Concept Worm Could Spread Between Networked Attached Storage Systems
Kelly Jackson Higgins over at Dark Reading has a really interesting story about a researcher who is building a NAS worm. That’s right: some automated malware that will be capable of roaming the Internet finding and compromising consumer network attached storage (NAS) devices. Higgins interviewed Jacob Holcomb, a security analyst at the firm Independent Security Evaluators, has rolled more than two dozen previously unknown and undiscovered (‘zero day’) software vulnerabilities in NAS products into a proof-of-concept, self-replicating worm. According to Higgins, the worm scans for vulnerable services running on NAS systems — mostly web servers — and identifies the type of NAS device and whether it harbors the bugs. If a known, vulnerable platform is discovered, the worm launches the corresponding exploit from its quiver to take control of the device. Compromised devices are then used to scan for other, similar devices. Holcomb has already informed affected vendors – a list that includes […]
Industrial Control Vendors Identified In Dragonfly Attack
Two of the three vendors who were victims of a targeted malware attack dubbed ‘Dragonfly’ by the security firm Symantec have been identified by industrial control system security experts. Writing on Tuesday, Dale Peterson of the firm Digitalbond identified the vendors as MB Connect Line, a German maker of industrial routers and remote access appliances and eWon, a Belgian firm that makes virtual private network (VPN) software that is used to access industrial control devices like programmable logic controllers. Peterson has also identified the third vendor, identified by F-Secure as a Swiss company, but told The Security Ledger that he cannot share the name of that firm. The three firms, which serve customers in industry, including owners of critical infrastructure, were the subject of a warning from the Department of Homeland Security. DHS’s ICS CERT, the Industrial Control Systems Computer Emergency Response Team, said it was alerted to compromises of the vendors’ by researchers […]
