Comments on DSHR's Blog: The Island of Misfit Toys
David. (http://www.blogger.com/profile/14498131502038331594)
Updated 2024-03-28T13:39:27.601-07:00

David. (2018-08-16T18:34:21.784-07:00):

"Like Mirai, IoTroop is designed to create a global botnet from IoT devices. More insidiously than Mirai, though, IoTroop uses infected IoT devices to search for and infect other devices -- which means that once it gains a foothold inside of a network, it can (and almost certainly will) rapidly spread itself to many other connected devices. Arguably even worse, IoTroop isn't just useful for building a botnet. Its structure is such that, once a device is infected, it sits and waits for its command-and-control server to send it code to execute. ... The reality is that researchers still do not know the intended usage of IoTroop, and likely will not know until detectable payloads are delivered by hackers and found by researchers.

The scale of the threat posed by IoTroop also equals its scope: Because IoTroop spreads itself, it grows exponentially rapidly. It's currently known that devices from at least twelve manufacturers are vulnerable, ... Indeed, the list of devices it has already infected is in fact large enough that the Check Point researchers have discovered it in approximately 60% of corporate networks."

From <a href="https://www.wirelesswatchdogs.com/blog/why-iotroop-/-reaper-remains-a-persistent-threat" rel="nofollow"><i>Why IoTroop / Reaper Remains a Persistent Threat</i></a>.
The details from Check Point are in <a href="https://research.checkpoint.com/iotroop-botnet-full-investigation/" rel="nofollow"><i>IoTroop Botnet: The Full Investigation</i></a>.

David. (2018-06-27T13:52:39.437-07:00):

"Google's entire Home infrastructure has suffered a serious outage, with millions of customers on Wednesday morning complaining that their smart devices have stopped working.

At the time of writing, the service is still down, and appears to have been knackered for at least the past 10 hours." reports Kieran McCarthy at <i>The Register</i> in <a href="https://www.theregister.co.uk/2018/06/27/google_home_outage/" rel="nofollow"><i>Not OK Google: Massive outage turns smart home kit utterly dumb</i></a>

David. (2018-06-22T08:38:22.405-07:00):

Catalin Cimpanu's <a href="https://www.bleepingcomputer.com/news/security/someone-is-taking-over-insecure-cameras-and-spying-on-device-owners/" rel="nofollow"><i>Someone Is Taking Over Insecure Cameras and Spying on Device Owners</i></a> describes another example of the supply chain complexity behind the IoT:

"Many brands of webcams, security cameras, pet and baby monitors, use a woefully insecure cloud-based remote control system that can allow hackers to take over devices by performing Internet scans, modifying the device ID parameter, and using a default password to gain control over the user's equipment and its video stream.

In the last nine months, two security firms have published research on the matter.
Both pieces of research detail how the camera vendor lets customers use a mobile app to control their device from remote locations and view its video stream."

David. (2018-06-13T07:42:47.035-07:00):

Bruce Schneier's <a rel="nofollow"><i>Router Vulnerability and the VPNFilter Botnet</i></a> has details on the reason why the FBI asked people to reboot their routers:

"So if it won't clear out the malware, why is the FBI <a href="https://www.nytimes.com/2018/05/27/technology/router-fbi-reboot-malware.html" rel="nofollow">asking us</a> to reboot our routers? It's mostly just to get a sense of how bad the problem is. The FBI now controls toknowall.com. When an infected router gets rebooted, it connects to that server to get fully reinfected, and when it does, the FBI will know. Rebooting will give it a better idea of how many devices out there are infected."