http://arstechnica.com/security/2012/10/cisco-machine-gets-listed-by-blackhat-org-that-rents-out-hacked-pcs/ By Dan Goodin Ars Technica Oct 22, 2012 A computer running inside the corporate network of Cisco Systems is one of about 17,000 machines that is being rented out to online miscreants looking to get a foothold inside Fortune 500 companies, according to a published report. The Windows Server 2003 system uses Microsoft's Remote Desktop Protocol so it can be remotely accessed by anyone with the login credentials. It's listed on Dedicatexpress.com, a service that allows anyone in the world to access hacked computers at specific organizations, KrebsonSecurity reported. Remarkably, the username for the box is "Cisco" and the corresponding password is—you guessed it—"Cisco." "Businesses often turn on RDP for server and desktop systems that they wish to use remotely, but if they do so using a username and password that is easily guessed, those systems will soon wind up for sale on services like this one," reporter Brian Krebs wrote. [...] ______________________________________________ Visit the InfoSec News Security Bookstore Best Selling Security Books and More! http://www.shopinfosecnews.orgReceived on Tue Oct 23 2012 - 22:43:02 PDT
This archive was generated by hypermail 2.2.0 : Tue Oct 23 2012 - 22:45:34 PDT