For those not familiar with Shodan, this is one of the easiest ways to find vulnerable internet-connected hardware. This could be anything from personal webcams to gas pipeline control systems.

Also, this article should be a major heads up to everyone: DO NOT EVER use the factory default logins for your devices! Make unique logins and strong passwords for everything, and use MFA whenever possible.

@voltronic The threat research team at work has gotten more than one DEFCON/Black Hat presentation out of Shodan results. :-D

@ehurtley
It's one of those things that really makes you sit up straight when you realize how much low-hanging fruit is out there for the taking, including critical infrastructure.

@voltronic A-yup. I always change both username and password on all devices. If it has "peer-to-peer WiFi" I won't use, immediately configure it and disable it. (Lookin' at you, HP printers...)

Follow

@ehurtley
Yeah, I have a Samsung network printer that has the same functionality. Changing the login isn't enough; it's still constantly trying to connect to the cloud print server. I have its external connection denied through the router, but looking at my pi-hole logs shows it thrashing away.

Sign in to participate in the conversation

CounterSocial is the first Social Network Platform to take a zero-tolerance stance to hostile nations, bot accounts and trolls who are weaponizing OUR social media platforms and freedoms to engage in influence operations against us. And we're here to counter it.