Post by sherlew99 on Aug 15, 2014 9:51:03 GMT -6
Via Sophos
Click here for the rest of the article.
Thousands of computers open to eavesdropping and hijacking
by Lisa Vaas on August 15, 2014
There's a gaping hole in thousands of unsuspecting people's computers that lets any random internet passerby not only look over their shoulder but reach through to take over their systems.
The hole is caused by a remote access tool: specifically, unsecured use of a product known as Virtual Network Computing (VNC).
...
So how can you minimise your exposure to this kind of backdoor access? The rules are simple:
If you don't need it (whatever it is), don't run it
If you do need it, protect it with a strong, unique password
Provide the most restricted access you can get away with
Use multiple layers of protection
The pharmacist whom Hill called immediately contacted his software vendor, who was shocked to discover there was a way around the firewall and immediately turned off the VNC settings on the drug terminals.
by Lisa Vaas on August 15, 2014
There's a gaping hole in thousands of unsuspecting people's computers that lets any random internet passerby not only look over their shoulder but reach through to take over their systems.
The hole is caused by a remote access tool: specifically, unsecured use of a product known as Virtual Network Computing (VNC).
...
So how can you minimise your exposure to this kind of backdoor access? The rules are simple:
If you don't need it (whatever it is), don't run it
If you do need it, protect it with a strong, unique password
Provide the most restricted access you can get away with
Use multiple layers of protection
The pharmacist whom Hill called immediately contacted his software vendor, who was shocked to discover there was a way around the firewall and immediately turned off the VNC settings on the drug terminals.
Click here for the rest of the article.