Researchers have identified a vulnerability in a Huawei home router model that is being exploited by an adversary to spread a variant of the Mirai malware called Mirai Okiru, also known as Satori.

A list of device IPs and credentials has gone viral since Thursday, kicking off an effort by researchers to notify the owners of these connected devices before they’re hacked.

Two IP cameras sold by Loftek and VStartcam are leaving over 1.3 million users open to 21 vulnerabilities that range from a lack of HTTPS encryption to bugs that open users up to cross-site request forgery attacks.

Cisco said an unpatched critical vulnerability exposed by WikiLeaks’ Vault 7 release of CIA documents could give an attacker full control of the targeted switches and routers.

Backdoors, likely intentional remote administration features, were closed off in 80 different Sony IP-enabled cameras running the IPELA Engine technology.

A recent Internet scan threw a bucket of cold water on the notion that wonky, unsecured services have been significantly reduced from the Internet. “Today’s Internet in 2016 looks like the 1996 Internet, which is a little depressing,” said Rapid7 security research manager Tod Beardsley. Beardsley and colleagues Bob Rudis and Jon Hart today published...

The NSA’s subversion of encryption standards may have come home to roost. As more eyes examine the Juniper backdoor in ScreenOS, the operating system standing up its NetScreen VPNs, it’s becoming clear that someone backdoored the NSA backdoor in Dual_EC_DRBG, opening the door to passive decryption of any VPN traffic moving through a NetScreen gateway....

Researchers from two security firms have uncovered the password guarding one of the backdoors discovered in Juniper Networks’ ScreenOS, the operating system behind its NetScreen enterprise-grade firewalls. Fox-IT and Rapid7 found the secret code, which was disguised to look like debug code, said Rapid7 chief research officer HD Moore. “This password allows an attacker to...