Critical Flaws in Amcrest HDSeries Camera Allow Complete Takeover
Two critical severity bugs have been publicly disclosed that impact Amcrest HDSeries model IPM-721S cameras. Both vulnerabilities open the consumer-grade ($50) Wi-Fi cameras to complete takeover by remote, unauthenticated attackers. Mandar Satam, senior security researcher at Synopsys, found the six security flaws in the IPM-721S camera back in 2017, and the disclosure process began. A spokesperson for Texas-based Amcrest said firmware updates that address the flaw have been available for months users were alerted were alerted to the need to install a mandatory firmware update when logging into the their camera, according to Amcrest.
For two hours, a large chunk of European mobile traffic was rerouted through China
For more than two hours on Thursday, June 6, a large chunk of European mobile traffic was rerouted through the infrastructure of China Telecom, China’s third-largest telco and internet service provider (ISP). The incident occurred because of a BGP route leak at Swiss data center colocation company Safe Host, which accidentally leaked over 70,000 routes from its internal routing table to the Chinese ISP.
Oletko aiheuttanut tietämättäsi tietoturvariskin? Kyberiskut ovat arkipäivää
Tahattomasti riskejä aiheuttavat työntekijät ovat nousseet yritysten suurimpien turvauhkien joukkoon. Asian vakavuutta korostaa se, että kyberiskut yleistyvät muutenkin. Kyberhyökkäysten määrä kasvaa yrityksissä vääjäämätöntä tahtiaan, vaikka organisaatiot jättävät kertomatta suuresta osasta iskuja, it-alan tietoturvajärjestö ISACA:n maanantaina julkistamasta kyselystä ilmenee.
The Catch-22 That Broke the Internet
FIVE DAYS AGO, the internet had a conniption. In broad patches around the globe, YouTube sputtered. Shopify stores shut down. Snapchat blinked out. And millions of people couldnt access their Gmail accounts. The disruptions all stemmed from Google Cloud, which suffered a prolonged outagewhich also prevented Google engineers from pushing a fix. And so, for an entire afternoon and into the night, the internet was stuck in a crippling ouroboros: Google coul
Dark Web Becomes a Haven for Targeted Hits
Malicious services offered on the Dark Web are more like precision arms than blunt instruments, and they’re taking aim at the biggest of businesses. New research, conducted by Dr. Mike McGuire of the University of Surrey, shows four in 10 Dark Web vendors are selling targeted hacking services aimed at FTSE 100 and Fortune 500 businesses. Among the information and services McGuire found on the Dark Web, access to corporate networks is sold openly, with 60% of v
In June 2018, we came across an unusual set of samples spreading throughout South and Southeast Asian countries targeting diplomatic, government and military entities. The campaign, which may have started as far back as 2012, featured a multi-stage approach and was dubbed EasternRoppels. The actor behind this campaign, believed to be related to the notorious PLATINUM APT group, used an elaborate, previously unseen steganographic technique to conceal communica
Diebold Nixdorf warns customers of RCE bug in older ATMs
Diebold Nixdorf, one of the world’s largest ATM vendors, will notify customers starting next week about ways to secure older Opteva-branded ATMs against a remote code execution (RCE) vulnerability that was publicly disclosed this week. Details about this vulnerability have been published on Medium on Monday, June 4, by a group of Vietnamese security researchers named NightSt0rm.