
SoylentNews is people

posted by Fnord666 on Tuesday July 24 2018, @03:46PM
from the doomed-to-repeat-it dept.

Nearly a half-billion Internet of Things devices are vulnerable to cyberattacks at businesses worldwide because of a 10-year-old security flaw, according to a new report from a security software vendor.

The report was published Friday by Armis, a provider of Internet of Things security software for enterprises that focuses on detecting threats in IoT devices at workplaces. The Palo Alto, Calif.-based company has previously made security disclosures, including the BlueBorne malware attack that impacted 5 billion IoT devices.

The web exploit in question is called DNS rebinding, an attack first disclosed at the RSA Conference in 2008 that allows an attacker to bypass a network firewall and use a victim's web browser to access other devices on the network. The attacker can gain access to the web browser through a malicious link enclosed within an email, banner ad or another source. This can leave devices susceptible to data exfiltration, compromise and hijacking, the latter of which could lead to a botnet attack similar to the Mirai malware that took down major websites in 2016.
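As an added illustration (not from the article or from Armis): a rebinding attempt shows up in resolver logs as an external hostname whose answer is an internal address, often after the same name first resolved to an external one. The log tuple layout, the `INTERNAL_SUFFIXES` allowlist and every sample entry below are assumptions constructed for this example.

```python
import ipaddress

# Internal ranges listed explicitly (RFC 1918, loopback, link-local, IPv6 ULA).
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8",
    "169.254.0.0/16", "::1/128", "fc00::/7", "fe80::/10")]

# Assumption: names under these suffixes may legitimately resolve internally.
INTERNAL_SUFFIXES = (".corp.internal",)

# Constructed sample log: (timestamp, client, queried name, answer IP, TTL).
SAMPLE_LOG = [
    (100, "10.0.0.23", "cdn.example.net", "93.184.216.34", 300),
    (101, "10.0.0.23", "a1.rebind.example", "203.0.113.7", 1),
    (104, "10.0.0.23", "a1.rebind.example", "192.168.1.50", 1),
    (110, "10.0.0.40", "printer.corp.internal", "10.0.5.9", 3600),
    (120, "10.0.0.40", "news.example.org", "198.51.100.20", 600),
]

def is_internal(ip):
    """True if the address falls in one of the internal ranges above."""
    addr = ipaddress.ip_address(ip)
    return any(addr.version == n.version and addr in n for n in INTERNAL_NETS)

def find_rebinding(log, internal_suffixes=INTERNAL_SUFFIXES):
    """Flag external names answered with internal addresses.

    kind is "flip" when the same name was seen with an external answer
    earlier in the log, otherwise "internal-answer".
    """
    seen_external = {}
    alerts = []
    for ts, client, name, ip, ttl in log:
        name = name.lower().rstrip(".")
        if name.endswith(internal_suffixes):
            continue  # allowlisted internal zone
        if not is_internal(ip):
            seen_external.setdefault(name, ts)
            continue
        kind = "flip" if name in seen_external else "internal-answer"
        alerts.append({"time": ts, "client": client, "name": name,
                       "ip": ip, "ttl": ttl, "kind": kind})
    return alerts

if __name__ == "__main__":
    for alert in find_rebinding(SAMPLE_LOG):
        print(alert)
```

Many recursive resolvers can enforce the same rule inline by dropping internal-range answers for external names, which stops the browser from ever receiving the rebound address.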


  • (Score: 0) by Anonymous Coward on Wednesday July 25 2018, @02:27PM (#712359)

    yeah this used to be a feature for some things, too.

    eh well you know, making stuff convenient doesn't require knowing how the stuff it sits on actually works. probably it shouldn't require that knowledge, but someone in that product chain should before it gets in the hands of consumers. it's too much to ask everyone to know how security works. but someone should be paid to oversee that.

    maybe the insurance industry can require every company have a cybercloud czar or something, and refuse to pay out to any company that chose to be stupid or proclaims willful ignorance.

    maybe laws can help. but probably not under this administration. right now the us has business at any cost, since little people can't say no.