Sierra Wireless Patches Critical Vulns in Hundreds of Thousands of Wireless Routers

Sierra Wireless has patched two critical vulnerabilities for its range of wireless gateways that would leave the enterprise devices helpless to an array of remote threats, including the charms of the Reaper IoT botnet. The more critical of the two (with a 9.4 CVSSv3 Temp Score) is a privilege-escalation bug (CVE-2018-10251), which could allow a […]

Link: https://threatpost.com/sierra-wireless-patches-critical-vulns-in-hundreds-of-thousands-of-wireless-routers/131804/

Study: Attack on KrebsOnSecurity Cost IoT Device Owners $323K

A monster distributed denial-of-service attack (DDoS) against KrebsOnSecurity.com in 2016 knocked this site offline for nearly four days. The attack was executed through a network of hacked “Internet of Things" (IoT) devices such as Internet routers, security cameras and digital video recorders. A new study that tries to measure the direct cost of that one attack for IoT device users whose machines were swept up in the assault found that it may have cost device owners a total of $323,973.75 in excess power and added bandwidth consumption.
My bad.

Link: https://krebsonsecurity.com/2018/05/study-attack-on-krebsonsecurity-cost-iot-device-owners-323k/

Hide and Seek IoT Botnet resurfaces with new tricks, persistence

On April 30, Bitdefender researchers became aware of a new version of the Hide and Seek bot we documented earlier this year. The botnet, the world’s first to communicate via a custom-built peer to peer protocol, has now also become the first to gain persistence (the ability to survive a reboot) with the new version. […]

Link: https://labs.bitdefender.com/2018/05/hide-and-seek-iot-botnet-resurfaces-with-new-tricks-persistence/