380° <g...@biscuolo.net> writes:

[...]

> Do you know how many news stories or research papers can be put together
> thanks to Shodan about how many servers, routers and "IoT" devices
> connected to the internet are vulnerable to some "NON zero-day attack"
> (for which the "patch" is available)?

And the thing that makes me crack up laughing is this:

--8<---------------cut here---------------start------------->8---

Using Shodan with respect to a device the user does not own is a felony
crime under the laws of some states in the United States even if no
damage is done to the device or system.

--8<---------------cut here---------------end--------------->8---
via: https://en.wikipedia.org/wiki/Shodan_(website)

I'm sure it's illegal, criminal-code illegal, in other states not yet
documented on Wikipedia too. :-D

Off to jail! B-)

> Well, if you didn't know, *know it now*:
> https://duckduckgo.com/?q=shodan+discovered+vulnerable+devices&ia=web

Like, to cite the latest ones:

1. «Over 90,000 LG Smart TVs may be exposed to remote attacks» (9 April 2024)
https://www.bleepingcomputer.com/news/security/over-90-000-lg-smart-tvs-may-be-exposed-to-remote-attacks/

--8<---------------cut here---------------start------------->8---

CVE-2023-6318 is an elevation of privilege vulnerability that allows
attackers to gain root access following the initial unauthorized access
provided by CVE-2023-6317.

[...] Bitdefender reported its findings to LG on November 1, 2023, but
it took the vendor until March 22, 2024, to release the related security
updates.

[...] Though TVs are less critical in terms of security, the severity of
remote command execution remains potentially significant [...]

--8<---------------cut here---------------end--------------->8---

I'll remind you that it is very likely that all "smart" TVs have a
microphone, and some even have a built-in camera.

2. «Critical takeover vulnerabilities in 92,000 D-Link devices under
active exploitation» (8 April 2024)
https://arstechnica.com/security/2024/04/hackers-actively-exploit-critical-remote-takeover-vulnerabilities-in-d-link-devices/

--8<---------------cut here---------------start------------->8---

Hackers are actively exploiting a pair of recently discovered
vulnerabilities to remotely commandeer network-attached storage devices
manufactured by D-Link, researchers said Monday.

Roughly 92,000 devices are vulnerable to the remote takeover exploits
[...]

The first, tracked as CVE-2024-3272 and carrying a severity rating of
9.8 out of 10, is a backdoor account enabled by credentials hardcoded
into the firmware. The second is a command-injection flaw tracked as
CVE-2024-3273 and has a severity rating of 7.3. It can be remotely
activated with a simple HTTP GET request.

--8<---------------cut here---------------end--------------->8---

Let me repeat it for you: "backdoor account enabled by credentials
hardcoded into the firmware".  Clear?!?

You can see why the *alleged* distinction between software and firmware
annoys me; there are "industry experts" who still /preach/ it.


...in short, business as _usual_, right?


Loving, 380°

-- 
380° (Giovanni Biscuolo public alter ego)

«We, incompetent as we are,
 have no standing to suggest anything»

Disinformation flourishes because many people care deeply about injustice
but very few check the facts.  Ask me about <https://stallmansupport.org>.

Attachment: signature.asc
Description: PGP signature
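An added illustration, not part of this message, of the two bug classes the quoted Ars Technica excerpt names: a credential baked into the firmware image, and command injection through an HTTP GET parameter, each beside a hardened version. Everything in it is constructed: the handler, the `host` parameter, the `support` / `factory-default` account and the `DeviceAuth` class are hypothetical and do not describe the D-Link firmware or any real product.

```python
"""Two firmware bug classes next to their hardened counterparts.

Constructed, hypothetical NAS web handler: it is NOT D-Link code and the
names below (support / factory-default, the `host` GET parameter) are
made up for illustration.
"""
import hashlib
import hmac
import os
import re
from urllib.parse import parse_qs

# ---- Bug class 1: backdoor account with credentials baked into the image ----
# Every unit flashed with this firmware shares these constants, so whoever
# extracts the image once can log in to every exposed device.
FIRMWARE_USER = "support"              # hypothetical
FIRMWARE_PASSWORD = "factory-default"  # hypothetical


def login_vulnerable(user: str, password: str) -> bool:
    """Plain string compare against constants compiled into the firmware."""
    return user == FIRMWARE_USER and password == FIRMWARE_PASSWORD


class DeviceAuth:
    """Hardened: per-device credentials created on first boot, stored as a
    salted PBKDF2 hash (the dict stands in for config flash) and compared
    in constant time.  There is no shared fallback account."""

    ITERATIONS = 200_000

    def __init__(self) -> None:
        self._users: dict[str, tuple[bytes, bytes]] = {}

    def set_password(self, user: str, password: str) -> None:
        salt = os.urandom(16)  # unique per device and per user
        digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, self.ITERATIONS)
        self._users[user] = (salt, digest)

    def login(self, user: str, password: str) -> bool:
        entry = self._users.get(user)
        if entry is None:
            return False  # unknown user: no hidden account to fall back on
        salt, digest = entry
        candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, self.ITERATIONS)
        return hmac.compare_digest(candidate, digest)


# ---- Bug class 2: command injection through a GET parameter ----
def build_ping_vulnerable(query_string: str) -> str:
    """Returns the command line a naive handler would hand to system().

    The parameter is spliced into a shell string unchecked, so ';', '|',
    '$(...)' and friends let the client run arbitrary commands as the
    web server's user (on much NAS firmware: root)."""
    host = parse_qs(query_string).get("host", [""])[0]
    return f"ping -c 1 {host}"


# Allow-list: only characters that can appear in a hostname or IPv4 literal,
# and the first character may not be '-' (blocks option injection like -f).
HOST_RE = re.compile(r"[A-Za-z0-9][A-Za-z0-9.-]{0,252}")


def build_ping_hardened(query_string: str) -> list[str]:
    """Validates the parameter and returns an argv vector for execve().

    No shell is involved, so metacharacters are inert even if the
    allow-list were looser than it is."""
    host = parse_qs(query_string).get("host", [""])[0]
    if not HOST_RE.fullmatch(host):
        raise ValueError(f"rejected host parameter: {host!r}")
    return ["ping", "-c", "1", host]


def hardened_accepts(query_string: str) -> bool:
    """True if the hardened handler would run the request, False if rejected."""
    try:
        build_ping_hardened(query_string)
    except ValueError:
        return False
    return True


if __name__ == "__main__":
    # Constructed request as an attacker would send it: %3B decodes to ';'
    # and '+' to a space, giving "127.0.0.1;cat /etc/passwd" after parsing.
    payload = "host=127.0.0.1%3Bcat+/etc/passwd"
    print("vulnerable would run :", build_ping_vulnerable(payload))
    print("hardened accepts it  :", hardened_accepts(payload))
    print("hardened argv        :", build_ping_hardened("host=example.org"))
    auth = DeviceAuth()
    auth.set_password("admin", "chosen-at-first-boot")
    print("backdoor login works :", login_vulnerable("support", "factory-default"))
    print("backdoor on hardened :", auth.login("support", "factory-default"))
```

The two fixes are independent: the argv vector removes the shell from the picture entirely, and the allow-list additionally keeps the value from being misread as a `ping` option; the per-device hash removes the one secret that every unit would otherwise share.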

_______________________________________________
nexa mailing list
nexa@server-nexa.polito.it
https://server-nexa.polito.it/cgi-bin/mailman/listinfo/nexa
