The UK Bans Default Passwords

The UK is the first country to ban default passwords on IoT devices.

On Monday, the United Kingdom became the first country in the world to ban default guessable usernames and passwords from these IoT devices. Unique passwords installed by default are still permitted.

The Product Security and Telecommunications Infrastructure Act 2022 (PSTI) introduces new minimum-security standards for manufacturers, and demands that these companies are open with consumers about how long their products will receive security updates for.

The UK may be the first country, but as far as I know, California is the first jurisdiction. It …


No, Toothbrushes Were Not Used in a Massive DDoS Attack

The widely reported story last week that 1.5 million smart toothbrushes were hacked and used in a DDoS attack is false.
Near as I can tell, a German reporter talking to someone at Fortinet got it wrong, and then everyone else ran with it without readin…

Kaspersky’s Advanced Persistent Threats Predictions for 2024

New botnets, more AI in spearphishing and increases in hack-for-hire business are some of Kaspersky’s security predictions. Get extensive APT mitigation tips, too.

Advanced threat predictions for 2024

Kaspersky researchers review APT predictions for 2023 and current trends in the advanced threat landscape, and try to predict how it will develop in 2024.

Me Participating in a Comparative Air Force Research Laboratory Information Directorate Technical Report on Botnets and Malware Detection

Just came across this.
O…
Me Participating in a Comparative Air Force Research Laboratory Information Directorate Technical Report on Botnets and Malware Detection was first posted on October 3, 2023 at 12:17 am.

Overview of IoT threats in 2023

IoT threats: how devices get hacked, what malware is uploaded, and what services are on offer on the dark web in 2023.

When Apps Go Rogue

Interesting story of an Apple Macintosh app that went rogue. Basically, it was a good app until one particular update…when it went bad.

With more official macOS features added in 2021 that enabled the “Night Shift” dark mode, the NightOwl app was left forlorn and forgotten on many older Macs. Few of those supposed tens of thousands of users likely noticed when the app they ran in the background of their older Macs was bought by another company, nor when earlier this year that company silently updated the dark mode app so that it hijacked their machines in order to send their IP data through a server network of affected computers, AKA a botnet…


Anonymous Sudan’s Attack of European Investment Bank: Money, Politics and PR

Pro-Kremlin groups Anonymous Sudan, Killnet and Clop have other motivations than just hacktivism as they widen their attack field beyond political targets.