Connect with us

Press Release

Nine widely used WiFi routers had 226 vulnerabilities.

Published

on

Nine widely used WiFi routers had 226 vulnerabilities.

Even when using the most recent firmware, security researchers examined nine widely used WiFi routers and discovered a total of 226 possible vulnerabilities in them.

Millions of people use the tested routers, which are made by Asus, AVM, D-Link, Netgear, Edimax, TP-Link, Synology, and Linksys.

The TP-Link Archer AX6000, which has 32 problems, and the Synology RT-2600ac, which has 30 security flaws, are the two devices with the most vulnerabilities.

The examination process
In partnership with CHIP magazine, researchers at IoT Inspector conducted security tests with a focus on models primarily used by small businesses and residential users.

According to Florian Lukavsky, CTO & Founder at IoT Inspector, “vendors provided them with current models, which were upgraded to the newest firmware version, for Chip’s router review.”

“IoT Inspector automatically examined the firmware versions and searched for more than 5,000 CVEs and other security flaws.”

Although not all defects posed the same risk, the researchers discovered a few widespread issues that impacted the majority of the evaluated models:

The firmware contains an outdated Linux kernel.
stale VPN and multimedia features
over-reliance on BusyBox’s earlier iterations
weak default passwords like “admin” are used
Hardcoded credentials are present in plain text.
Changing the router’s default password when configuring it for the first time is one of the most crucial steps you can take to secure it, according to Jan Wendenburg, CEO of IoT Inspector.

Whether an IoT device is used at home or in a corporate network, changing the password upon first use and turning on automatic updates must be regular procedure, according to Wendenburg.

In addition to manufacturer-introduced vulnerabilities, utilising an IoT device with the adage “plug, play, and forget” poses the greatest risk.

Continue Reading

Press Release

Angry IT administrator destroys employer’s databases; sentenced to 7 years in prison

Published

on

Angry IT administrator destroys employer's databases; sentenced to 7 years in prison

Han Bing, a former database manager for Lianjia, a major Chinese real estate agency, was given a 7-year prison term for breaking into company computers and erasing data.

Bing is accused of carrying out the conduct in June 2018, when he reportedly accessed the company’s finance system using his administrator rights and “root” account and deleted all previously saved data from two database servers and two application servers.

Large elements of Lianjia’s operations were immediately crippled as a result, leaving tens of thousands of workers without pay for an extended length of time and necessitating a data restoration effort that cost about $30,000.

However, because Lianjia has thousands of offices, employs over 120,000 brokers, owns 51 companies, and has an estimated $6 billion market value, the indirect costs from the firm’s economic disruption were significantly more detrimental.

examination of the staff
H. Bing was one of the five primary suspects in the event involving the data deletion, according to records made public by the court of the People’s Procuratorate of Haidian District, Beijing.

When the administrator refused to reveal his laptop password to the company’s inspectors, suspicions were quickly aroused.

Chinese media outlets who reprinted portions of the disclosed documents explain that “Han Bing stated that his computer had confidential data and the password could only be handed to official authorities, or would only accept entering it personally and being present during the checks.”

The checks were solely carried out to evaluate the response of the five employees who had access to the system because, as the investigators testified in court, they knew that such an operation wouldn’t leave any records on the laptops.

Finally, the experts were able to pinpoint the activity to particular internal IPs and MAC addresses after retrieving access records from the servers. The inspectors even collected WiFi network logs and timestamps, which they afterwards compared against CCTV footage to validate their suspicions.

The forensic expert hired by the company concluded that Bing had wiped the databases using the “shred” and “rm” commands. Rm deletes the files’ symbolic links, whereas shred overwrites the data three times with different patterns to make it unrecoverable.

Unhappy employee?
Unexpectedly, Bing had regularly warned his employer and superiors about security flaws in the finance system, even emailing other administrators to express his concerns.

He was mostly disregarded, nevertheless, as the departmental administrators never gave their approval for the security project he wanted to oversee.

This was supported by the testimony of the director of ethics at Lianjia, who told the court that Han Bing frequently argued with his superiors because he believed his organisational suggestions weren’t valued.

A similar incident occurred in September 2021 when a former employee of a credit union in New York deleted approximately 21.3GB of records in a 40-minute rampage as retaliation for her managers terminating her.

Continue Reading

Press Release

Zuckerberg says Facebook is dealing with Spotify on a songs assimilation job codenamed Task Boombox (Salvador Rodriguez/CNBC).

Published

on

Facebook is dealing with Spotify on a songs

Zuckerberg says Facebook is working with Spotify on a music integration project codenamed Project Boombox (Salvador Rodriguez/CNBC)

Salvador Rodriguez / CNBC:
Zuckerberg says Facebook is working with Spotify on a music integration project codenamed Project Boombox  —  – Facebook CEO Mark Zuckerberg on Monday announced that the company is building audio features where users can engage in real-time conversations with others.

Continue Reading

Press Release

THE UNITIONS OF WEARABLE DEVICE SHIPMENTS FOR 2020 GREW 28.4% TO 444.7M UNITS, TEAHING FROM APPLE, WHICH GREW 27.2% IN Q4 AND HAS 36.2% MARKETSHARE, FOLLOWED BY XIAOMI AT *9% (IDC).

Published

on

WEARABLE DEVICE SHIPMENTS FOR 2020

Wearable device shipments for 2020 grew 28.4% to 444.7M units globally, led by Apple which grew 27.2% in Q4 and has 36.2% marketshare, followed by Xiaomi at ~9%  —  Worldwide shipments of wearable devices reached 153.5 million in the fourth quarter of 2020 (4Q20), a year-over-year increase …

Continue Reading

Trending