Analogue radio given 10-year stay of execution as the UK U-turns on DAB digital future

It's not a Windows 10 release without something breaking so here's a troubleshooter for your OneDrive woes

AWS attempts to woo devs with new tool aimed at porting .NET applications to Linux

The good news: Vodafone switches on first full-fat, real-life 5G network in the UK. The bad news: it only got sent to Coventry

Microsoft takes tweaking tongs to Windows 10's Start Menu once again

Scala contributor: Open source and diversity key to tackling dev skills shortage

'90s retro resurrection PowerToys hits 0.19, bringing raft of fixes and a final flash from the desktop

Firefox 78: Protections dashboard, new developer features... and the end of the line for older macOS versions

Barclays Bank appeared to be using the Wayback Machine as a 'CDN' for some Javascript

Fighting BEC and EAC: Why whack-a-mole won’t work

F5 emits fixes for critical flaws in BIG-IP gear: Hopefully yours aren't internet-facing while you ready a patch

Holy Guacamole! Researchers find Apache remote desktop software was silently pwnable for snooping on sessions

Languishing lodash library loophole finally fitted for a fix: It's only taken since October to address security bug

Continuous Lifecycle Online: Just like our London conference – but in your own home. Grab tickets now

Containers to capture 15% of all enterprise apps across 75% of business by 2024

HashiCorp Cloud Platform unveiled – but in private beta for AWS only

Dutch national broadcaster saw ad revenue rise when it stopped tracking users. It's meant to work like that, right?

Brit MPs vote down bid to delay IR35 reforms, press ahead with new tax rules for private-sector contractors

No one can compete with Google... unless it opens its click-and-query data to rivals, says UK markets watchdog

Happy privacy action day in California: If you don't have 'Do not sell my information' in your website footer, you need to read this story right now

Like a Bolt from the blue, Huawei's fledgling AppGallery signs a ride-sharing platform

Cool IT support drones never look at explosions: Time to resolution for misbehaving mouse? Three seconds

'Google cannot stop it, control it or curtail it...' Inside the murky world of fake addiction treatment center search spam

Purism's quest against Intel's Management Engine black box CPU now comes in 14 inches

Geek's Guide

UK government shakes magic money tree, finds $500m to buy a stake in struggling satellite firm OneWeb

Don't beat yourself up for overeating in lockdown. This black hole scoffs equivalent of our Sun every day

UK space firms forced to adjust their models of how the universe works as they lose out on Copernicus contracts

Remember that black hole just 1,000 light years from Earth? Scientists queue up to say it may not exist after all

If you wanna make your own open-source chip, just Google it. Literally. Web giant says it'll fab them for free

It's a tough time for digital transformation in the financial services world – but fret not, there’s help at hand

Huawei develops epidemic prevention and control solutions for safer travel

Rental electric scooters to clutter UK street scenes after Department of Transport gives year-long trial the thumbs-up

Verity Stob

E-scooter fanboy so hyped for Teesside to host UK's first trial

Erudite, insightful, self-aware and almost human: Give your local database admin a hug – it's DBA Appreciation Day

Well bork me sideways: A railway ticket machine lies down for a little Windoze

Hey, Boeing. Don't celebrate your first post-grounding 737 Max test flight too hard. You just lost another big contract

Security

Surveillance camera compromised in 98 seconds

All your cameras are belong to Mirai

Fri 18 Nov 2016 // 23:26 UTC 42

Got Tips?

Thomas Claburn in San Francisco Bio Email Twitter

Robert Graham, CEO of Errata Security, on Friday documented his experience setting up a $55 JideTech security camera behind a Raspberry Pi router configured to isolate the camera from his home network.

According to Graham's series of Twitter posts, his camera was taken over by the Mirai botnet in just 98 seconds.

Mirai conducts a brute force password attack via telnet using 61 default credentials to gain access to the DVR software in video cameras and to other devices such as routers and CCTV cameras.

After the first stage of Mirai loads, "it then connects out to download the full virus," Graham said in a Twitter post. "Once it downloads that, it runs it and starts spewing out SYN packets at a high rate of speed, looking for new victims."

Graham said the defense recommended by the Christian Science Monitor – changing the default password of devices before connecting them to the Internet – doesn't help because his Mirai-infected camera has a telnet password that cannot be changed.

"The correct mitigation is 'put these devices behind your firewall'," Graham said. ®

Tips and corrections

42 Comments

Keep Reading

The 'IoT' in Microsoft IoT Hub means Internet of Trying-to-kill-off-whiffy-crypto-protocol: TLS 1.0/1.1 spared axe again

Stay of execution granted after customer 'feedback'

Internet of Tardiness: Microsoft puts on a brave face as IoT boat prepares to set sail

Build Lots of previews and coming-soons, but is it too little, too late?

UK.gov dangles £400k over makers of IoT Things: Go on, let's see how you'd make a security cert scheme

And if you win, we'll make it into a kitemark

Amazon straightens up its IoT house, complete with virtual Alexa, ahead of Las Vegas shindig

re:Invent Coffee machines will listen to you if vendors implement it

CyberX, CyberX, does whatever a CyberX does. Locks IoT, machines too, Microsoft got it, so will you

In Brief Plus: DDoS'er jailed, and more

ABOUT US

SITUATION PUBLISHING

The Register - Independent news and views for the tech community. Part of Situation Publishing

SIGN UP TO OUR NEWSLETTERS

Join our daily or weekly newsletters, subscribe to a specific section or set News alerts

Subscribe

Do not sell my personal information Cookies Privacy Ts&Cs

Analogue radio given 10-year stay of execution as the UK U-turns on DAB digital future

It's not a Windows 10 release without something breaking so here's a troubleshooter for your OneDrive woes

AWS attempts to woo devs with new tool aimed at porting .NET applications to Linux

The good news: Vodafone switches on first full-fat, real-life 5G network in the UK. The bad news: it only got sent to Coventry

Microsoft takes tweaking tongs to Windows 10's Start Menu once again

Scala contributor: Open source and diversity key to tackling dev skills shortage

'90s retro resurrection PowerToys hits 0.19, bringing raft of fixes and a final flash from the desktop

Firefox 78: Protections dashboard, new developer features... and the end of the line for older macOS versions

Barclays Bank appeared to be using the Wayback Machine as a 'CDN' for some Javascript

Fighting BEC and EAC: Why whack-a-mole won’t work

F5 emits fixes for critical flaws in BIG-IP gear: Hopefully yours aren't internet-facing while you ready a patch

Holy Guacamole! Researchers find Apache remote desktop software was silently pwnable for snooping on sessions

Languishing lodash library loophole finally fitted for a fix: It's only taken since October to address security bug

Continuous Lifecycle Online: Just like our London conference – but in your own home. Grab tickets now

Containers to capture 15% of all enterprise apps across 75% of business by 2024

HashiCorp Cloud Platform unveiled – but in private beta for AWS only

Dutch national broadcaster saw ad revenue rise when it stopped tracking users. It's meant to work like that, right?

Brit MPs vote down bid to delay IR35 reforms, press ahead with new tax rules for private-sector contractors

No one can compete with Google... unless it opens its click-and-query data to rivals, says UK markets watchdog

Happy privacy action day in California: If you don't have 'Do not sell my information' in your website footer, you need to read this story right now

Like a Bolt from the blue, Huawei's fledgling AppGallery signs a ride-sharing platform

Cool IT support drones never look at explosions: Time to resolution for misbehaving mouse? Three seconds

'Google cannot stop it, control it or curtail it...' Inside the murky world of fake addiction treatment center search spam

Purism's quest against Intel's Management Engine black box CPU now comes in 14 inches

UK government shakes magic money tree, finds $500m to buy a stake in struggling satellite firm OneWeb

Don't beat yourself up for overeating in lockdown. This black hole scoffs equivalent of our Sun every day

UK space firms forced to adjust their models of how the universe works as they lose out on Copernicus contracts

Remember that black hole just 1,000 light years from Earth? Scientists queue up to say it may not exist after all

If you wanna make your own open-source chip, just Google it. Literally. Web giant says it'll fab them for free

It's a tough time for digital transformation in the financial services world – but fret not, there’s help at hand

Huawei develops epidemic prevention and control solutions for safer travel

Rental electric scooters to clutter UK street scenes after Department of Transport gives year-long trial the thumbs-up

E-scooter fanboy so hyped for Teesside to host UK's first trial

Erudite, insightful, self-aware and almost human: Give your local database admin a hug – it's DBA Appreciation Day

Well bork me sideways: A railway ticket machine lies down for a little Windoze

Hey, Boeing. Don't celebrate your first post-grounding 737 Max test flight too hard. You just lost another big contract

Security

Surveillance camera compromised in 98 seconds

All your cameras are belong to Mirai

Most Read

Remember that black hole just 1,000 light years from Earth? Scientists queue up to say it may not exist after all

Microsoft sees the world has moved on, cranks OneDrive file size upload limit from 15GB to more useful 100GB

Euro police forces infiltrated encrypted phone biz – and now 'criminal' EncroChat users are being rounded up

Microsoft takes tweaking tongs to Windows 10's Start Menu once again

UK space firms forced to adjust their models of how the universe works as they lose out on Copernicus contracts

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Keep Reading

The 'IoT' in Microsoft IoT Hub means Internet of Trying-to-kill-off-whiffy-crypto-protocol: TLS 1.0/1.1 spared axe again

Internet of Tardiness: Microsoft puts on a brave face as IoT boat prepares to set sail

UK.gov dangles £400k over makers of IoT Things: Go on, let's see how you'd make a security cert scheme

IoT security? We've heard of it, says UK.gov waving new regs

IoT shouters Chirp get themselves added to Microsoft Azure IoT

Internet of crap (encryption): IoT gear is generating easy-to-crack keys

Amazon straightens up its IoT house, complete with virtual Alexa, ahead of Las Vegas shindig

CyberX, CyberX, does whatever a CyberX does. Locks IoT, machines too, Microsoft got it, so will you

Tech Resources

2019 Ponemon Report: The Value of Threat Intelligence from Anomali

Latency is the New Outage

Guide to Antivirus (AV) Replacement

Network Detection & Response for MITRE ATT&CK Framework

ABOUT US

MORE CONTENT

SITUATION PUBLISHING

SIGN UP TO OUR NEWSLETTERS