article thumbnail

IoT Devices in Password-Spraying Botnet

Schneier on Security

Microsoft is warning Azure cloud users that a Chinese controlled botnet is engaging in “highly evasive” password spraying. The low-volume password spray process; for example, monitoring for multiple failed sign-in attempts from one IP address or to one account will not detect this activity.

Passwords 313
article thumbnail

The UK Bans Default Passwords

Schneier on Security

The UK is the first country to ban default passwords on IoT devices. On Monday, the United Kingdom became the first country in the world to ban default guessable usernames and passwords from these IoT devices. Unique passwords installed by default are still permitted.

Passwords 338
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Half a Million IoT Device Passwords Published

Schneier on Security

It's a list of easy-to-guess passwords for IoT devices on the Internet as recently as last October and November. Useful for anyone putting together a bot network: A hacker has published this week a massive list of Telnet credentials for more than 515,000 servers, home routers, and IoT (Internet of Things) "smart" devices.

IoT 277
article thumbnail

Half a Million IoT Passwords Leaked

Schneier on Security

The hacker then tried using (1) factory-set default usernames and passwords, or (2) custom, but easy-to-guess password combinations. Default passwords? We have a long way to go to secure the IoT.

IoT 248
article thumbnail

Proposed UK Law Bans Default Passwords

Schneier on Security

Following California’s lead, a new UK law would ban default passwords in IoT devices.

Passwords 339
article thumbnail

Weekly Update 219: IoT Unravelled with Scott Helme

Troy Hunt

More than 200,000 unique visitors dropped by this week, mostly to read about IoT things. I topped the week off by spending a couple of hours talking to Scott Helme about our respective IoT experiences so that's the entirety of this week's update - Scott and I talking IoT.

IoT 307
article thumbnail

IoT Unravelled Part 3: Security

Troy Hunt

In part 1 of this series, I posited that the IoT landscape is an absolute mess but Home Assistant (HA) does an admirable job of tying it all together. As with the rest of the IoT landscape, there's a lot of scope for improvement here and also just like the other IoT posts, it gets very complex for normal people very quickly.

IoT 361