Attackers UtilizingDefault Credentials to Target Businesses, Raspberry Pi and Linux Top Targets

This article has been indexed from

CySecurity News – Latest Information Security and Hacking Incidents

 

While automated attacks remain a major security concern to enterprises, findings from a Bulletproof analysis highlight the challenge created by inadequate security hygiene. According to research conducted in 2021, bot traffic currently accounts for 70% of total web activity.
Default credentials are the most popular passwords used by malicious attackers, acting as a ‘skeleton key’ for criminal access. With attackers increasingly deploying automated attack methods 
Brian Wagner, CTO at Bulletproof stated, “On the list are the default Raspberry Pi credentials (un:pi/pwd:raspberry). There are more than 200,000 machines on the internet running the standard Raspberry Pi OS, making it a reasonable target for bad actors. We also can see what looks like credentials used on Linux machines (un:nproc/pwd:nproc). This highlights a key issue – default credentials are still not being changed.”
“Using default credentials provides one of the easiest entry points for attackers, acting as a ‘skeleton key’ for multiple hacks. Using legitimate credentials can allow attackers to avoid detection and makes investigating and monitoring attacks much harder.” 
According to the findings, attackers are continuously utilising the same typical passwords to gain access to systems. Some are default passwords that haven’t been updated since the compan

[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.

Read the original article: