UPnP – Computer Security Articles

P2P Weakness Exposes Millions of IoT Devices

April 26, 2019 admin HiChip, iLnkP2P, Latest Warnings, P2P, Paul Marrapese, Shenzhen Yunni Technology, The Coming Storm, UDP hole punching, UPnP

Credit to Author: BrianKrebs| Date: Fri, 26 Apr 2019 13:17:14 +0000

A peer-to-peer (P2P) communications technology built into millions of security cameras and other consumer electronics includes several critical security flaws that expose the devices to eavesdropping, credential theft and remote compromise, new research has found.

Independent Krebs

FBI: Kindly Reboot Your Router Now, Please

May 28, 2018 admin Cisco, FBI, Latest Warnings, Linksys, Linksys E1200, Linksys E2500, MikroTik, Mikrotik 1016, Mikrotik 1036, Mikrotik 1072, Netgear, Netgear DGN2200, Netgear R6400, Netgear R7000, Netgear R8000, Netgear WNR1000, Netgear WNR2000, QNAP, QNAP TS251, QNAP TS439 Pro, R600VPN, Security Tools, Talos Intelligence, The Coming Storm, TP-Link, UPnP, VPNFilter, WRVS4400N

Credit to Author: BrianKrebs| Date: Mon, 28 May 2018 18:54:22 +0000

The Federal Bureau of Investigation (FBI) is warning that a new malware threat has rapidly infected more than a half-million consumer devices. To help arrest the spread of the malware, the FBI and security firms are urging home Internet users to reboot routers and network-attached storage devices made by a range of technology manufacturers.

Independent Krebs

Some Basic Rules for Securing Your IoT Stuff

January 17, 2018 admin Censys.io, Glasswire, Internet of Things, Iot Security rules, Mirai, Security Tools, Shields Up, Steve Gibson, The Coming Storm, U.S. Justice Department, universal plug and play, UPnP

Credit to Author: BrianKrebs| Date: Wed, 17 Jan 2018 19:36:24 +0000

Most readers here have likely heard or read various prognostications about the impending doom from the proliferation of poorly-secured “Internet of Things” or IoT devices. Loosely defined as any gadget or gizmo that connects to the Internet but which most consumers probably wouldn’t begin to know how to secure, IoT encompasses everything from security cameras, routers and digital video recorders to printers, wearable devices and “smart” lightbulbs. Throughout 2016 and 2017, attacks from massive botnets made up entirely of hacked IoT devices had many experts warning of a dire outlook for Internet security. But the future of IoT doesn’t have to be so bleak. Here’s a primer on minimizing the chances that your IoT things become a security liability for you or for the Internet at large.

Independent Krebs

Dahua, Hikvision IoT Devices Under Siege

March 10, 2017 admin Amit Serper, bashis, Cybereason, Dahua backdoor, DH-IPC-HDBW13A0SN, DH-IPC-HDBW23A0RN-ZS, DH-IPC-HDW13A0SN, DH-IPC-HDW23A0RN-ZS, DH-IPC-HFW13A0SN-W, Hikvision, Other, P2P, UPnP

Credit to Author: BrianKrebs| Date: Fri, 10 Mar 2017 20:07:51 +0000

Dahua, the world’s second-largest maker of “Internet of Things” devices like security cameras and digital video recorders (DVRs), has shipped a software update that closes a gaping security hole in a broad swath of its products. The vulnerability allows anyone to bypass the login process for these devices and gain remote, direct control over vulnerable systems. Adding urgency to the situation, there is now code available online that allows anyone to exploit this bug and commandeer a large number of IoT devices.