“October 21st attackers seem responsible”
On November 3rd, continuous attacks from hijacked IoT devices were able to successfully bring down internet access to thousands of people. Some of the attacks were among the biggest ever seen, and targeted huge web companies such as Spotify, Twitter, and Reddit.
“New IoT light bulbs vulnerable to hacks”
A recent report titled “IoT Goes Nuclear” has outlined problems seen in new Philips Hue smart light bulbs and similar devices that use ZigBee transmissions. Researchers from the Weizmann Institute of Science and Dalhousie University were successful in hacking and remotely using them from a separate location. Vulnerabilities like these have led to massive DDoS attacks, such as the October 21st web attack that brought many high value sites to their knees for several hours.
“The flaw could have given admin access to unauthorized user”
Cisco has now patched a significant vulnerability in its Prime Home system, a tool that allows a user to manage their smart devices. Before the patch was released, the firm issued an alert that the GUI interface was facing a security flaw that could potentially allow remote users to access functions they otherwise would not be able to access.
“Undertaken to assess the threat to cloud infrastructure”
A Rapid7 research project has been undertaken to expose the vulnerabilities and misconfigurations in public internet spaces. The Rapid7 ‘Heisenberg Cloud’ combines scan data from scan data from the Heisenberg and Project Sonar.