Japanese Government to Use 'Credential Stuffing' to Survey Consumer IoT Devices


ABTV Application Cloud Endpoint Infrastructure IoT/Embedded Mobile Network Operational Security Management
Sign up for our weekly newsletter! REGISTER NOW

Comments Japanese Government to Use 'Credential Stuffing' to Survey Consumer IoT Devices Newest First \| Oldest First \| Threaded View [close this box] Page 1 / 2 > >> mhhfive 2/6/2019 2:03:12 PM User Rank Guardian undocumented manufacturing backdoors... Is there any way to disprove an undocumented manufacturing backdoor? It seems like a lot of countries would like them.. but how does anyone know if they do or don't exist? I'm sure Huawei would like to be able to definitely say they don't support backdoors of any kind.... Reply Post Message Messages List Start a Board Login 50% 50% batye 2/1/2019 2:04:50 PM User Rank Guardian Re: Automated @ms.akkineni yes things need to be changed as for now it seems like it free for all... and security it more like a lip service... Reply Post Message Messages List Start a Board Login 50% 50% batye 2/1/2019 2:02:46 PM User Rank Guardian Re: nobody's home @Michelle as everyone keep thinking they Router is secure... but will it ever be "secure" as on my end I keep updating the router firmware... but it me... with my better safe than sorry... Reply Post Message Messages List Start a Board Login 50% 50% Michelle 1/31/2019 9:55:11 PM User Rank Guardian Re: nobody's home Ahh, yes. Home network monitoring isn't much of a thing... Reply Post Message Messages List Start a Board Login 50% 50% Michelle 1/31/2019 9:53:38 PM User Rank Guardian Re: nobody's home That's pretty much what my husband said when I brought it up. I immediately thought of privacy and an overreaching government. Pen testing seems ok if it means the country can be more secure. Reply Post Message Messages List Start a Board Login 50% 50% ms.akkineni 1/31/2019 8:28:47 PM User Rank Guardian Re: Automated While i strongly feel device level security is required, having an additional checkpoint by Government is a definite plus. Reply Post Message Messages List Start a Board Login 50% 50% ms.akkineni 1/31/2019 8:25:12 PM User Rank Guardian Re: Automated Completely agree with you that it has to be handled at device level. In this smart age that has to be a requirement. Reply Post Message Messages List Start a Board Login 50% 50% Joe Stanganelli 1/31/2019 5:56:33 PM User Rank Author Re: Automated @Taimoor: On the one hand, the civil libertarian in me wouldn't particularly want government doing anything on my network, dangit. On the other hand, doing this kind of thing recognizes that IoT security is not just an issue for individuals, but it is a national-security and global-stability issue (because non-secure IoT devices can be leveraged for botnets that can then be used to DDoS critical services and communications). Reply Post Message Messages List Start a Board Login 50% 50% TaimoorZubair 1/30/2019 9:53:36 PM User Rank Guardian Automated I think credential stuffing is a big risk especially when it comes to IoT devices. It can indeed be a big threat. What the government is doing to detect it is a good approach, however I believe this is something that should automatically be flagged by devices. No device should be allowed to be used if the password is unsecure. The devices have to be intelligent enough to point out to the user about the strength of the password and its age and make sure the users take prompt action to change the passwords. Reply Post Message Messages List Start a Board Login 50% 50% TaimoorZubair 1/30/2019 9:48:17 PM User Rank Guardian Re: nobody's home @Joe: I think it'd only sound like an attack when there's an ulterior motive involved to exploint the information. If the purpose is to simply assess the current security situation and not cause any damage, it'd probably not fall under an attack. But again that's my personal opinion about it. Reply Post Message Messages List Start a Board Login 50% 50% Page 1 / 2 > >>		Latest Articles CTF Protocol Serves as a Low-Level Way to Take Over Windows Machines 1 Comment There is a protocol in Windows that has been around since the days of Windows XP, which has been found to be insecure. Security Assurance Is a Long-Term & Ongoing Investment 1 Comment Establishing a business-focused security assurance program is a long-term, ongoing investment. A Brace Helps to Balance the Load A syntax construct inside the TCL language is allowing injection attacks to occur. This RAT Doesn't Squeak Much Saefko does stuff. Lots of stuff. European Approach to Artificial Intelligence: Ethics Is Key The socio-economic, legal and ethical impacts of AI must be carefully addressed, says the European Commission. More Blogs Information Resources • Zero Trust: Organizations can begin to trust users, devices and transactions starting with a high level of IAM services and support • How to Unite Your Active Directories: Mergers, Acquisitions and Divestitures • Deliver a True Omni-Channel Experience • The Smart Way to Simplify PCI Compliance • Versa SD-WAN – Simple, Secure and Reliable Branch to Multi-Cloud Connectivity • Fortifying Your Branch Security • The Essential Guide to Understanding Risk and Quantification • 7 Experts on Threat and Vulnerability Management • A CISO’S Guide to Hybrid Cloud Security • Endpoint EcoSystems E-Book: Collaborating To Conquer Security Threats All resources upcoming Webinars ARCHIVED IT Security Is Broken – Can Zero Trust Access Fix It? Tuesday, August 6, 2019 11:00 a.m. New York/ 4:00 p.m. London More Webinars Webinar Archives Analysts Corner Ovum Resources • Ovum 2018 Trends to Watch: IT & Cybersecurity • Ovum IoT Security: Technology Strategies & Vendor Profiles • Ovum 2018 Trends to Watch: Managed Security Services • Ovum's Mini-Guide to GDPR Analysts Corner archive Flash Poll All polls Video In a wide-ranging interview, Cisco security boss Gee Rittenhouse talks about how machine learning, AI, blockchain and other emerging technologies ... CloudPassage's new technology, called Container Secure, involves a five-step process to ensure seamless security in container deployments from the ... You can't so much as go to a coffee shop today without hearing the word 'blockchain.' Hearing about a useful blockchain is less common, but ... Last year, 60 million companies changed owners worldwide. That turnover makes it incredibly difficult to avoid doing business with entities (e.g., ... Keith Furst of Data Derivatives interviews Daniel Wagner, author of a new book, Virtual Terror: 21st Century Cyber Warfare. They discuss the ways ... All Videos Sponsored Video Sage Wagner, senior security pre-sales engineer with RiskSense, provides a demo of the company's latest technology 'RiskSense Solution,' a ... Janus Technologies is launching a line of products that protect against the many threats to enterprises' sensitive data. David Schultz, vice ... This new video will inspire companies to reimagine their business for success in a world where connectivity is more than a commodity. Sponsored Video All Videos Radio Shows ARCHIVED \| August 31, 2017, 3pm EDT Voice of Security Radio: A Security Partnership with Machine Learning An interview with Steve Grobman, CTO of McAfee ARCHIVED SHOWS DOWNLOAD TO CALENDAR Slideshows Top 10 Security Stories of 2018 Slideshow archive Twitter Feed Tweets by Security_Now_ like us on facebook