July 29, 2024 at 01:25PM Cybersecurity company Acronis warns of a critical security flaw, CVE-2023-45249, in its Cyber Infrastructure product, allowing remote code execution due to default passwords. Versions 5.0.1-61 to 5.4.4-132 are affected, with updates released in late October 2023. The exploit has been observed in the wild, urging affected users to update for … Read more
April 30, 2024 at 03:03AM The UK NCSC urges smart device manufacturers to comply with the new PSTI act, prohibiting default passwords. This aims to enhance ongoing protection against cyber attacks for consumers. Failure to comply may result in recalls and fines of up to £10 million or 4% of global revenues. This makes the … Read more
December 18, 2023 at 11:09AM The cybersecurity agency CISA advises manufacturers to cease using default passwords for industrial control systems (ICS) in the water sector due to recent attacks. It recommends implementing safe default behavior, eliminating widely known default passwords, and conducting field tests to ensure secure product usage. Executives are urged to drive security … Read more
December 18, 2023 at 01:24AM The U.S. CISA stresses eliminating default passwords on internet-exposed systems due to severe risks exploited by Iranian threat actors. Mitigation measures include utilizing unique setup passwords or enabling multi-factor authentication. CISA advises strong passwords, network segregation, and encryption to enhance security. Additionally, recommendations for hardening software supply chains have been … Read more
December 15, 2023 at 02:06PM The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned against the use of default passwords in technology products due to the potential security risks. They recommended alternatives such as unique setup passwords, time-limited passwords, and mandating physical access for initial setup. CISA stressed that relying on customers to change passwords … Read more
November 23, 2023 at 03:29AM Akamai has discovered two zero-day vulnerabilities that are being exploited to distribute the Mirai malware and create botnets for DDoS attacks. The vulnerabilities target routers and network video recorders from two vendors, and the devices’ default passwords are being used. Akamai’s Security Intelligence Response Team has not disclosed the affected … Read more
October 18, 2023 at 03:07PM Researchers found that out of over 1.8 million admin portals, 40,000 had “admin” as the password, making it the most popular password among IT administrators. The study also revealed an increase in the use of default passwords. The top 10 passwords included common defaults and easy-to-guess options. This highlights the … Read more