As reported by ZDNet, security vulnerabilities in millions of Internet of Things devices (IoT) could allow cybercriminals to knock devices offline or take control of them remotely, in attacks that could be exploited to gain wider access to affected networks.
The nine vulnerabilities affecting four TCP/IP stacks – communications protocols commonly used in IoT devices – relate to Domain Name System (DNS) implementations, which can lead to Denial of Service (DoS) or Remote Code Execution (RCE) by attackers. Over 100 million consumer, enterprise and industrial IoT devices are potentially affected.
<p>IoT remains a huge burden on potential victims, but the industry is slowly catching up. Until IoT devices are built with default protection, users need to understand the basics in device security such as multi factor authentication and not reusing passwords. We are starting to see the big names drive a push towards security by design, but it remains a problem for consumers with some brands favouring convenience over security.</p>