I have been standing on my IoT soapbox for a while, saying that IoT is dangerous and people don’t know it. As a result, people aren’t doing anything about it. Well, today I received a dose of reality. We recently completed a vulnerability scan for a client of ours and one of the findings was […]
Continue reading → [DISPLAY_ACURAX_ICONS]When was the last time you patched your Internet router? Probably never. That is what the CIA is counting on. As well as foreign governments and just plain hackers. But when it comes to the CIA, they are probably not interested in you. That may not be the case when it comes to the other […]
Continue reading → [DISPLAY_ACURAX_ICONS]In what has to be one of the largest disclosures of personal data ever, it appears that a Republican National Committee vendor exposed their collection of data on 198 million U.S. voters in the cloud for anyone to trip over. Unlike other cases where hackers broke in or used zero day exploits to compromise systems, […]
Continue reading → [DISPLAY_ACURAX_ICONS]An unnamed but well speculated bank in Brazil (likely Banrisul) had its DNS servers taken over by hackers for a period of about 6 hours one Saturday afternoon last October. Before I explain the impact, let me spend a minute on what DNS is and why it is important. The Internet works on numbers; humans […]
Continue reading → [DISPLAY_ACURAX_ICONS]While this is not unusual it is still worth reiterating. A web server at the Paul F. Glenn Center for the Biology of Aging at Stanford hosted malware for months, undetected. The malware started by installing a web shell onto the web server. This shell was able to do a number of things including upload […]
Continue reading → [DISPLAY_ACURAX_ICONS]As if Yahoo didn’t have enough trouble, it apparently was using a third party software library called ImageMagick which had a serious security bug in it. The library which is used to manipulate images is very widely used. Or at least, it was. Some people say that it has not aged well. Security researcher Chris […]
Continue reading → [DISPLAY_ACURAX_ICONS]