Post Tagged with: "vulnerabilities"

Vigilante botnet highlights woeful state of embedded device security

October 5, 2015 12:070 comments
A scatter plot diagram of compromised home routers.

A mysterious piece of software, dubbed Wifatch, has been infecting tens of thousands of Linux-based home routers and, according to experts at Symantec, attempts to secure them from attack. But Wifatch’s benevolent intentions shouldn’t obscure its malicious actions, or the security problems that it takes advantage of. The malicious software runs on vulnerable, Linux-based home routers. There, it removes other malware infections, disables vulnerable services like Telnet and even prompts users to update their administrator user name and password to prevent compromise, according to a post on Symantec’s blog. But the malware is still spreading between vulnerable systems without the owners consent and could easily be pressed into service distributing spam or malicious software, experts note. According to Symantec, Wifatch is likely spreading between infected devices by targeting exposed Telnet interfaces and using brute force password attacks to gain access to the devices. Tens of thousands of devices may have been infected […]

Read more ›

Apple Gatekeeper Bug Suggests Sleepy Approach To OS Security

September 30, 2015 17:100 comments
A security hole in Apples Gatekeeper security software could allow malicious programs to be run on OS X, including the latest release, El Capitan.

In-brief: A security hole in Apple’s Gatekeeper security software could allow malicious programs to be run on OS X, including the latest release, El Capitan. The researcher who discovered it says that Apple has fallen well behind rival Microsoft in providing security for its operating system.

Read more ›

Epidemic: Researchers Find Thousands of Medical Systems Exposed to Hackers

September 29, 2015 18:450 comments
Thousands of medical devices installed in clinical settings can be accessed from the public Internet using default credentials, researchers revealed at a security conference over the weekend.

In-brief: Thousands of clinical systems are exposed to remote attacks according to researchers, who say that poorly designed and loosely configured medical devices are a major source of insecurity. 

Read more ›

Life and Limb Exception: Researchers OK Outing Dangerous IoT Holes

10:310 comments
Security researchers surveyed at the Black Hat Conference said it was OK to circumvent vendors who were not responding to vulnerabilities in their products - especially when public safety was at risk.

In-brief: a survey of security professionals finds they are willing to circumvent vendors who do not respond to reports of security holes in their products. 

Read more ›
%d bloggers like this: