Το θέμα για μένα περισσότερο είναι ότι αρκετές εταιρίες π.χ Paradox/Hikvision στηνουν τις εφαρμογές τους και τα προϊόντα τους να παίζουν αποκλειστικά η μερικώς αποκλειστικά με τέτοιες πρακτικές... Π.χ η Paradox δεν μπορείς να κάνεις πλέον χρήση της ip κάρτας του συναγερμού σου από την εφαρμογή τους αν δεν έχεις internet ώστε να βγαίνει και η κάρτα και η εφαρμογή στα συστήματα της Paradox ....άρα εξαναγκάζομαι να δίνω δεδομένα τα οποία τελικά δεν έχω που τα φυλάνε π.χ σε τρίτους όπως η Ubiquiti ..
Παλιότερα τέτοιες επιθέσεις έχουν γίνει και στην Cisco σε κάποια υπηρεσίας της αλλά και στην WD σε κάποιο sub Site για κάποιους εξωτερικούς δίσκους που είχε...
Εμφάνιση 16-19 από 19
-
17-01-21, 16:56 Απάντηση: Διαρροή στοιχείων λογαριασμού χρηστών από συστήματα της Ubiquiti #16
-
01-04-21, 11:11 Απάντηση: Διαρροή στοιχείων λογαριασμού χρηστών από συστήματα της Ubiquiti #17
- Εγγραφή
- 22-09-2003
- Μηνύματα
- 82.113
- Downloads
- 218
- Uploads
- 48
- Άρθρα
- 6
- Τύπος
- VDSL2
- Ταχύτητα
- 204800/20480
- ISP
- Wind
- Router
- Technicolor DGA4130
- SNR / Attn
- 6(dB) / 2.8(dB)
- Path Level
- Interleaved
As we informed you on January 11, we were the victim of a cybersecurity incident that involved unauthorized access to our IT systems. Given the reporting by Brian Krebs, there is newfound interest and attention in this matter, and we would like to provide our community with more information.
At the outset, please note that nothing has changed with respect to our analysis of customer data and the security of our products since our notification on January 11. In response to this incident, we leveraged external incident response experts to conduct a thorough investigation to ensure the attacker was locked out of our systems.
These experts identified no evidence that customer information was accessed, or even targeted. The attacker, who unsuccessfully attempted to extort the company by threatening to release stolen source code and specific IT credentials, never claimed to have accessed any customer information. This, along with other evidence, is why we believe that customer data was not the target of, or otherwise accessed in connection with, the incident.
At this point, we have well-developed evidence that the perpetrator is an individual with intricate knowledge of our cloud infrastructure. As we are cooperating with law enforcement in an ongoing investigation, we cannot comment further.
All this said, as a precaution, we still encourage you to change your password if you have not already done so, including on any website where you use the same user ID or password. We also encourage you to enable two-factor authentication on your Ubiquiti accounts if you have not already done so.
Thanks,
Team UIWe'll build a fortress to keep them out and in a world gone silent I'll be your sound and if they try to hurt you I'll tear them down I'm always with you now....
I forgot that I might see, so many Beautiful things
everything that has a beginning has an end
See the mirror in your eyes-see the truth behind your lies-your lies are haunting me See the reason in your eyes-giving answer to the why- your eyes are haunting me
-
01-04-21, 12:00 Απάντηση: Διαρροή στοιχείων λογαριασμού χρηστών από συστήματα της Ubiquiti #18
Μα τόσο άχρηστος ο Hacker, δεν κατάφερε να αγγίξει τίποτα απο τα δεδομένα των χρηστών????? το Fail της COSMOTE μου θυμίζει μαζί με τις δικαιολογίες
-
02-12-21, 22:01 Re: Διαρροή στοιχείων λογαριασμού χρηστών από συστήματα της Ubiquiti #19
Former Ubiquiti dev charged for trying to extort his employer (bleepingcomputer.com)
Τελικά...
Nickolas Sharp, a former employee of networking device maker Ubiquiti, was arrested and charged today with data theft and attempting to extort his employer while posing as a whistleblower and an anonymous hacker.
"As alleged, Nickolas Sharp exploited his access as a trusted insider to steal gigabytes of confidential data from his employer, then, posing as an anonymous hacker, sent the company a nearly $2 million ransom demand," U.S. Attorney Damian Williams said today.
"As further alleged, after the FBI searched his home in connection with the theft, Sharp, now posing as an anonymous company whistleblower, planted damaging news stories falsely claiming the theft had been by a hacker enabled by a vulnerability in the company's computer systems."Τελευταία επεξεργασία από το μέλος ThReSh : 02-12-21 στις 22:15.
Bookmarks