D-Link cloud camera more than 1 2 0 product gaps, about 4 0 million devices affected-vulnerability warning-the black bar safety net

2016-07-18T00:00:00
ID MYHACK58:62201677045
Type myhack58
Reporter 佚名
Modified 2016-07-18T00:00:00

Description

! Before the camera there is a security vulnerability, privacy is leaked out of the event. This event is the protagonist of turn A D-Link cloud camera. A woman named Stephen Ridley of the security researcher found that the D-Link cloud camera vulnerabilities exist, and he also found more than 1 2 0 product the presence of the same vulnerability. More than 4 0 million D-Link device can be online use Since the RCE vulnerabilities can be connected via a network is performed after, any existence of this vulnerability D-Link device via a ping command can connect successfully, that there is a potential danger. Researchers claimed that a total of over 4 0 million D-link equipment is currently available online. In before he planned to attend the 2 0 1 6 years safe weekend ICS network security Protocol of the interview, the researchers say, his original password reset code can be any type of attack code to replace, and can be in the above to take any actions. The attacker only needs to be done is to get them to want to reach the D-Link device the original vulnerability components. The attacker only need to change vulnerabilities need to run the memory value, it can invade the internal device of the vulnerable components. Combat IoT botnet for? Data analysis is perhaps the antidote. Last week Sucuri disclosed a 2 5 0 0 0 a powerful botnet, which the CCTV camera is also present this problem. This botnet is established in China the same supplier of the firmware code, and to 7 0 Number of companies transport their equipment. The same situation can now be repeated on the D-Link device. Friends news Group is committed to fix all the problems, but the IOT device firmware upgrade is notoriously slow--slow to wait until someone figured out how to apply a firmware update, the Friends of the news Group's equipment is already hundreds of botnet part. Security team is looking for a new and effective method to identify threats, while the security analysis of the emerging field proved to be the most promising areas of innovation. Security analysis contains a wide range of analytical techniques, it can perform different data sources, such as network traffic, host-based indicators, or any type of event log. In many ways big data is clearly a powerful tool, but it does not correspond to each question. Too much data will actually suppress staff member that they lost. In a big data security Analytics project, the IT Department is likely to hoard a large amount of data and can not be completely digested. Cloud camera is the use of cloud computing, while cloud computing and big data are inextricably linked, from the technical point of view, big data and cloud computing relationship is like a coin two sides of the same are inseparable. Big data can not necessarily use a single computer for processing, you must use a distributed computing architecture. It is characterized by the massive data mining, but it must rely on cloud computing, distributed processing, distributed databases, cloud storage and virtualization technologies. We have to learn to reduce the amount of data, otherwise too much weight will only produce for hackers to attack the vulnerabilities. Although in some areas the amount of data the more you away from success even further. But in cloud computing which this point does not comply, a large amount of data will only make our data analysis becomes more difficult. Only learn how to reduce the amount of data, our analysis will be more perfect, our Security can be further improved, like this cloud Camera the event to be able to be avoided.