The operators of a gaming server rental business are believed to have built an IoT DDoS botnet, which they are now offering as part of the server rental scheme.
Tens of thousands of MikroTik and Ubiquiti routers are currently available online, featuring alarmistic hostnames such as "HACKED FTP server," "HACKED-ROUTER-HELP-SOS-WAS-MFWORM-INFECTED," or "HACKED-ROUTER-HELP-SOS-HAD-DEFAULT-PASSWORD."
In 2017, the number of command and control (C&C) servers used for managing IoT botnets has more than doubled, going from 393 in 2016 to 943 in 2017.
Similar vulnerabilities affect some Sonos and Bose smart speakers that allow hackers to take over devices, collect data on users, and even make devices to play desired audio tracks.
Here's something to be cheery on Christmas Day —a vulnerability affecting a web server that's been embedded in hundreds of thousands of IoT devices.
The rise of the Satori botnet and the fall of the Andromeda (Gamarue) botnet are the main two factors that have led to a 50% growth of the Spamhaus Exploits Block List (XBL) during the past month.
Three men have pleaded guilty for their role in the creation of the Mirai malware and the use of the subsequent Mirai botnet to launch DDoS attacks on multiple targets across the Internet, according to documents unsealed today by the US Department of Justice (DOJ).
The author of the BrickerBot malware has announced his retirement in an email to Bleeping Computer, also claiming to have bricked over 10 million devices since he started the "Internet Chemotherapy" project in November 2016.
A botnet made up of IoT devices is helping hackers mask attacks on web applications, acting as a relay point for SQL injection (SQLi), cross-site scripting (XSS), and local file inclusion (LFI) attempts.
Researchers find three vulnerabilities in an IoT safe that can be exploited to acquire the safe's PIN code, pair with the device, and open the safe.
Security researchers are raising the alarm in regards to a new botnet named Satori that has been seen active on over 280,000 different IPs in the past 12 hours.
A security researcher has identified thousands of Serial-to-Ethernet devices connected online that leak Telnet passwords that could be used to attack the equipment that is placed behind them.
The publication of proof-of-concept (PoC) exploit code in a public vulnerabilities database has lead to increased activity from Mirai-based IoT botnets, Li Fengpei, a security researcher with Qihoo 360 Netlab, told Bleeping Computer today.
A month after Amazon launched Amazon Key, security experts have already identified a flaw in the device's mode of operation that could allow rogue deliverymen to re-enter customer homes without being recorded.
Over 20 million Amazon Echo and Google Home devices running on Android and Linux are vulnerable to attacks via the BlueBorne vulnerability, IoT cyber-security firm Armis announced today.
Avira has announced a new security solution called SmartThings that aims to protect consumers from the lack of security found in most Internet of Things devices.
Logitech will intentionally brick all Harmony Link universal hubs next year, on March 16, 2018. The company has emailed all Harmony Link customers with the bad news.