Head Topics

Discontinued Boa web servers still a supply chain threat

Danmark Nyheder Nyheder

Discontinued Boa web servers still a supply chain threat
Danmark Seneste Nyt,Danmark Overskrifter
  • 📰 TheRegister
  • ⏱ Reading Time:
  • 73 sec. here
  • 3 min. at publisher
  • 📊 Quality Score:
  • News: 33%
  • Publisher: 61%

Still using a discontinued Boa web server? Microsoft warns of supply chain attacks

on the power grid to a Chinese threat group called RedEcho using the ShadowPad backdoor malware to compromise IoT devices.

The Microsoft researchers, digging into the report, detected a vulnerable component – the Boa web server – on the IP addresses listed as indicators of compromise . They wrote in their ownthis week that they"found evidence of a supply chain risk that may affect millions of organizations and devices." Boa is an open-source web server designed for embedded applications and used to access settings, management consoles, and sign-in screens in devices. It was discontinued in 2005 but is still being used by vendors in a range of IoT devices and popular SDKs, they wrote."Without developers managing the Boa web server, its known vulnerabilities could allow attackers to silently gain access to networks by collecting information from files," the researchers wrote.

In this case, Microsoft reviewed the IP addresses Recorded Future included in the list of IOCs and linked many back to IoT devices like routers that included unpatched vulnerabilities. All the published IP addresses were compromised by various attackers using different tactics that included downloading a variant of theIoT botnet malware, attempts to use default credentials for brute-force attacks, and efforts to run shell commands.

"Microsoft continues to see attackers attempting to exploit Boa vulnerabilities beyond the timeframe of the released report, indicating that it is still targeted as an attack vector," the analysts wrote.

Vi har opsummeret denne nyhed, så du kan læse den hurtigt. Hvis du er interesseret i nyheden, kan du læse hele teksten her. Læs mere:

TheRegister /  🏆 67. in UK

Danmark Seneste Nyt, Danmark Overskrifter

Similar News:Du kan også læse nyheder, der ligner denne, som vi har indsamlet fra andre nyhedskilder.

Germany repeat familiar flaws as Japan come from behind to surprise themGermany repeat familiar flaws as Japan come from behind to surprise themThe 2014 champions Germany had a record-equallingly bad time of things at the 2018 World Cup, and now history may be repeating itself. twoht
Læs mere »

After years without privacy regs, India delivers two setsAfter years without privacy regs, India delivers two setsAnd ponders subsidies to attract big datacenter and content delivery network builds
Læs mere »

Gujarat stray cattle: India man jailed for letting cows roam streetsGujarat stray cattle: India man jailed for letting cows roam streetsA court in Gujarat state convicted the man for letting cattle stray and endangering people’s lives.
Læs mere »

India gets a second AWS regionIndia gets a second AWS regionAmazon to spend $4.4b in India as it adds second AWS region
Læs mere »

Culture and heritage of India celebrated through dance and music at StormontCulture and heritage of India celebrated through dance and music at StormontIt was organised by ImageNation NI, a local ethnic Indian organisation formed to help develop relationships between communities in Northern Ireland
Læs mere »

Mystery national coffee chain to open town centre drive-thruMystery national coffee chain to open town centre drive-thruMystery national coffee chain to open Burnley town centre drive-thru
Læs mere »



Render Time: 2025-03-21 23:10:48