Two IP cameras sold by Loftek and VStartcam are leaving over 1.3 million users open to 21 vulnerabilities that range from a lack of HTTPS encryption to bugs that open users up to cross-site request forgery attacks.
A hacker that goes by the name “BestBuy” admitted to a German court that he was behind an attack last year that knocked over a million Deutsche Telekom customers offline.
The number of new malware samples in the wild this year targeting connected internet-of-things (IoT) devices has already more than doubled last year’s total.
In its annual National Exposure Index report, Rapid7 found 160 million computers, IoT devices and servers with open ports that should not be exposed to the public network.
This year’s Security Analyst Summit is previewed and the news of the week is discussed, including a Microsoft IIS zero day, a new Mirai variant, and the broadband privacy ruling.