Cisco has patched vulnerability in its video surveillance manager software that could give an unauthenticated, remote attacker the ability to execute arbitrary commands on targeted systems.
Link: https://threatpost.com/critical-vulnerability-found-in-cisco-video-surveillance-manager/137615/
The Internet of Things (IoT) is rapidly showing up in all facets of daily life and collecting personally identifiable information (PII) in massive quantities. From smart home thermostats to one-click purchasing, IoT devices collect PII to personalize experiences for consumers. In an increasingly digital and connected world, unprecedented immersion into environments of convenience, knowledge, and accessibility has become the norm. […]
The post The Internet of Things (IoT) and Digitally Stored PII: Avoidable or Inevitable? appeared first on Security Through Education.
The three hackers behind the infamous Mirai botnet have been helping law enforcement take down cybercriminals across the globe.
Link: https://threatpost.com/mirai-masterminds-helping-fbi-snuff-out-cybercrime/137556/
Citing “extraordinary cooperation" with the government, a court in Alaska on Tuesday sentenced three men to probation, community service and fines for their admitted roles in authoring and using "Mirai," a potent malware strain used in countless attacks designed to knock Web sites offline — including an enormously powerful attack in 2016 that sidelined this Web site for nearly four days.
Link: https://krebsonsecurity.com/2018/09/mirai-botnet-authors-avoid-jail-time/
A honeypot set up to sniff out data on infected IoT devices found a broad array of compromised devices – from Mikrotik routers to dishwashers.
Link: https://threatpost.com/threatlist-malware-samples-targeting-iot-more-than-double-in-2018/137528/
Firmware used in up to 800,000 CCTV cameras open to attack thanks to buffer overflow zero-day bug.
Link: https://threatpost.com/zero-day-bug-allows-hackers-to-access-cctv-surveillance-cameras/137499/
The infosec community say a recently approved IoT security bill is “nice," but doesn’t hit on the important issues.
Link: https://threatpost.com/experts-bemoan-shortcomings-with-iot-security-bill/137409/
Cybersecurity is adversarial in nature, hackers try to understand security mechanisms and how to bypass them.
Link: http://feedproxy.google.com/~r/Imperviews/~3/eAcwnv8X3gk/
By implementing the “Equifax bug," it’s the first known time a Mirai IoT botnet variant has targeted an Apache Struts vulnerability.
Despite the advent to bug bounty programs and enlightened vendors, researchers still complain of abuse, threats and lawsuits.
Link: https://threatpost.com/the-vulnerability-disclosure-process-still-broken/137180/