UPnP
Detecting the New CallStranger UPnP Vulnerability With Zeek
By Ryan Victory, Corelight Security Researcher On June 8, Yunus Çadırcı, a cybersecurity senior manager at EY Turkey released a whitepaper and proof of concept code repository for a newly discovered vulnerability ...
P2P Weakness Exposes Millions of IoT Devices
A peer-to-peer (P2P) communications technology built into millions of security cameras and other consumer electronics includes several critical security flaws that expose the devices to eavesdropping, credential theft and remote compromise, new ...
Hackers Hijack Chromecast Devices and Smart TVs via Exposed UPnP
A pair of hackers has launched a campaign that displays rogue messages on people’s smart TVs encouraging them to subscribe to a popular YouTube channel. The attack doesn’t seem to be malicious ...
Hackers Exploit UPnP in Routers to Expose Private Networks to Attacks
Hackers are exploiting insecure UPnP implementations in routers to expose millions of computers from inside private networks to SMB attacks. Universal Plug and Play (UPnP) is a service that allows devices to ...
FBI: Kindly Reboot Your Router Now, Please
The Federal Bureau of Investigation (FBI) is warning that a new malware threat has rapidly infected more than a half-million consumer devices. To help arrest the spread of the malware, the FBI ...
Hackers Using Hard-to-Block DDoS Amplification Technique
Hackers have started to abuse routers and other internet-of-things devices that expose their UPnP interfaces to the internet to launch distributed denial-of-service (DDoS) attacks that are hard to block, even by DDoS ...
New DDoS Attack Method Demands a Fresh Approach to Amplification Assault Mitigation
Amplification attack vectors are some of the most commonly used tools in the DDoS attacker’s arsenal. In the last quarter of 2017, we saw NTP amplification employed in roughly 33 percent of ...
