Post Tagged with: "password"

Vigilante botnet highlights woeful state of embedded device security

October 5, 2015 12:070 comments
A scatter plot diagram of compromised home routers.

A mysterious piece of software, dubbed Wifatch, has been infecting tens of thousands of Linux-based home routers and, according to experts at Symantec, attempts to secure them from attack. But Wifatch’s benevolent intentions shouldn’t obscure its malicious actions, or the security problems that it takes advantage of. The malicious software runs on vulnerable, Linux-based home routers. There, it removes other malware infections, disables vulnerable services like Telnet and even prompts users to update their administrator user name and password to prevent compromise, according to a post on Symantec’s blog. But the malware is still spreading between vulnerable systems without the owners consent and could easily be pressed into service distributing spam or malicious software, experts note. According to Symantec, Wifatch is likely spreading between infected devices by targeting exposed Telnet interfaces and using brute force password attacks to gain access to the devices. Tens of thousands of devices may have been infected […]

Read more ›

Update: Photo Bombed Retailers CVS and Costco Admit Customer Data Stolen

September 16, 2015 06:460 comments
Update: Photo Bombed Retailers CVS and Costco Admit Customer Data Stolen

  In-brief: Pharmacy chain CVS and discount chain Costco acknowledged this week that a July security incident involving a third party firm that provides online photo processing and printing services resulted in the theft of some customer data. (Updated to add comment from Staples and CVS. PFR Sept. 16, 2015) 

Read more ›

Panic in the Nursery: Research finds Baby Monitors make Easy Targets

September 2, 2015 16:130 comments
Philips InSight wireless baby monitors were among those found to contain serious, remotely exploitable vulnerabilities, according to Rapid7 researchers.

In-brief: Researchers from the security firm Rapid7 revealed the findings of a survey of common wireless baby monitors and nanny-cams, and found a host of serious and, in some cases, remotely exploitable vulnerabilities.

Read more ›

Shadowy IT: Mobile Gambling Apps Pose Security Risks in Enterprise

09:570 comments
Mobile gaming applications are common in enterprise mobile environments - and pose security risks, Veracode reports.

In-brief: Mobile gambling applications are becoming common in enterprise mobile environments, posing a risk to enterprise security and the security of enterprise data, the security firm Veracode reports. 

Read more ›
%d bloggers like this: