More than half (56%) of corporate network devices sold second-hand still contain sensitive company data, according to a new study by ESET.
The security vendor purchased 16 recycled routers, nine of which were found to contain one or more IPsec or VPN credentials, or hashed root passwords, along with enough information to identify the previous owner.
ESET argues that this information could theoretically allow a threat actor who got hold of the device to gain network access to the organization that recycled the router.
Some of the routers analyzed also included:
- Customer data
- Credentials for connecting to other networks as a trusted party
- Connection details for specific applications
- Router-to-router authentication keys
More specifically, researchers found a complete map of the major local and cloud-based application platforms used by the organizations that previously owned the routers. These ranged from corporate e-mail to physical building security and business applications.
ESET researchers were able to determine which ports and hosts these apps were communicating with, and could theoretically have investigated known vulnerabilities, the vendor claims.
In some cases, the researchers were also able to map the network topology, including remote offices and operator locations.
The net result of this failure to properly decommission the devices was to expose many of these companies, their customers and their partners to high cyber risk.
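A pre-disposal check of the kind this finding argues for, as an added example rather than anything from the ESET study: it scans an exported router configuration for the classes of residual data listed above. The IOS-style syntax, the rule patterns and the sample configurations are assumptions constructed for illustration.

```python
"""Pre-disposal check for residual secrets in a router configuration export.
Added example, not ESET's tooling; the IOS-style patterns are assumptions
modelled on the data classes the study reports."""
import re
from typing import List, Tuple

# (finding label, regex) pairs. Patterns are illustrative assumptions; the
# hostname rule ignores a vendor default name left by a factory reset.
RULES: List[Tuple[str, re.Pattern]] = [
    ("IPsec pre-shared key", re.compile(r"^\s*(?:crypto isakmp key|pre-shared-key)\s")),
    ("Hashed privileged password", re.compile(r"^\s*(?:enable secret|username \S+ (?:secret|password))\s")),
    ("Router-to-router auth key", re.compile(r"^\s*(?:ip ospf message-digest-key|neighbor \S+ password)\s")),
    ("SNMP community string", re.compile(r"^\s*snmp-server community\s")),
    ("Peer/tunnel endpoint", re.compile(r"^\s*(?:set peer|tunnel destination)\s")),
    ("Owner-identifying name", re.compile(r"^\s*(?:hostname\s+(?!Router\s*$)\S|ip domain[- ]name\s)")),
]

def residual_secrets(config: str) -> List[Tuple[str, int]]:
    """Return (label, line number) for every config line that still carries
    the kinds of data the study found on recycled routers."""
    findings = []
    for lineno, line in enumerate(config.splitlines(), start=1):
        for label, pattern in RULES:
            if pattern.match(line):
                findings.append((label, lineno))
    return findings

def safe_to_dispose(config: str) -> bool:
    """True only when nothing owner-identifying or secret remains."""
    return not residual_secrets(config)

# Constructed samples: a device that was never wiped, and the same device
# after a factory reset (only the vendor default hostname is left).
UNWIPED = """hostname acme-hq-edge1
ip domain-name corp.acme.example
enable secret 5 $1$abcd$EXAMPLEHASHONLY
username admin secret 9 $9$EXAMPLEHASHONLY
snmp-server community s3cretRO RO
crypto isakmp key ExamplePSK address 203.0.113.10
interface GigabitEthernet0/1
 ip ospf message-digest-key 1 md5 ExampleOspfKey
crypto map VPN 10 ipsec-isakmp
 set peer 203.0.113.10
"""
WIPED = "hostname Router\n"

if __name__ == "__main__":
    for label, lineno in residual_secrets(UNWIPED):
        print(f"line {lineno}: {label}")
    print("safe to dispose:", safe_to_dispose(UNWIPED), safe_to_dispose(WIPED))
```

Run against the real `show running-config` export (and any saved startup or backup configuration) before a device leaves the building; an empty result is the only acceptable outcome.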
The routers were originally owned by midsize and global organizations operating across multiple verticals, including data center providers, law firms, technology vendors, manufacturers, creative companies and software developers.
Some treated the event as a serious data breach, while others appeared not to respond to repeated attempts by ESET to notify them.
Study leader Cameron Camp said the findings should serve as a wake-up call, whether companies dispose of devices themselves or contract with e-waste companies.
“We would expect medium to large enterprises to have a stringent set of security initiatives to decommission their devices, but we found the opposite,” he added.
“Organizations were more aware of what was left of the devices they grazed because most of the devices they obtained from the secondary market contained the digital blueprints of the companies involved, including but not limited to core networking information, application data, corporate credentials, and information about partners, vendors, and customers.”