In-brief: The CEO of a company offering a $1 million bounty for a working exploit of Apple’s iOS operating system said two teams are closing in on the prize. The offer – for up to three iOS exploits – runs through October 31st.
Tag: software
Cisco Talks up IoT as Disruptor, Unveils New Security Portfolio
In-brief: Cisco Systems new CEO Chuck Robbins talked up the disruptive potential of IoT, while also announcing new Cisco products geared at key verticals and a new security portfolio for IoT.
Vigilante botnet highlights woeful state of embedded device security
A mysterious piece of software, dubbed Wifatch, has been infecting tens of thousands of Linux-based home routers and, according to experts at Symantec, attempts to secure them from attack. But Wifatch’s benevolent intentions shouldn’t obscure its malicious actions, or the security problems that it takes advantage of. The malicious software runs on vulnerable, Linux-based home routers. There, it removes other malware infections, disables vulnerable services like Telnet and even prompts users to update their administrator user name and password to prevent compromise, according to a post on Symantec’s blog. But the malware is still spreading between vulnerable systems without the owners consent and could easily be pressed into service distributing spam or malicious software, experts note. According to Symantec, Wifatch is likely spreading between infected devices by targeting exposed Telnet interfaces and using brute force password attacks to gain access to the devices. Tens of thousands of devices may have been infected […]
Apple Gatekeeper Bug Suggests Sleepy Approach To OS Security
In-brief: A security hole in Apple’s Gatekeeper security software could allow malicious programs to be run on OS X, including the latest release, El Capitan. The researcher who discovered it says that Apple has fallen well behind rival Microsoft in providing security for its operating system.
Life and Limb Exception: Researchers OK Outing Dangerous IoT Holes
In-brief: a survey of security professionals finds they are willing to circumvent vendors who do not respond to reports of security holes in their products.
