An Interest In:
Web News this Week
- March 29, 2024
- March 28, 2024
- March 27, 2024
- March 26, 2024
- March 25, 2024
- March 24, 2024
- March 23, 2024
April 1, 2019 08:05 pm
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/gz1WixSLSMM/over-13k-iscsi-storage-clusters-left-exposed-online-without-a-password
Over 13K iSCSI Storage Clusters Left Exposed Online Without a Password
Over 13,000 iSCSI storage clusters are currently accessible via the internet after their respective owners forgot to enable authentication. From a report: This misconfiguration has the risk of causing serious harm to devices' owners, as cyber-criminal groups could access these internet-accessible hard drives (storage disk arrays and NAS devices) to replace legitimate files with malware, insert backdoors inside backups, or steal company information stored on the unprotected devices. [...] Over the weekend, penetration tester A Shadow tipped ZDNet about this hugely dangerous misconfiguration issue. The researcher found over 13,500 iSCSI clusters on Shodan, a search engine that indexes internet-connected devices. In an online conversation with ZDNet, the researcher described this iSCSI exposure as a "dangerous backdoor" that can allow cyber-criminals to plant ransomware-infected files on companies' networks, steal company data, or place backdoors inside backup archives that may get activated when a company restores one of these booby-trapped files.Read more of this story at Slashdot.
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/gz1WixSLSMM/over-13k-iscsi-storage-clusters-left-exposed-online-without-a-password
Share this article:
Tweet
View Full Article
Slashdot
Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..More About this Source Visit Slashdot