النسخة العربية

Oman National CERT Towards a safe cyber environment

Oman Cybersecurity CTF competition

Oman Cybersecurity CTF competition

ARCC in collaboration with Cyber Talents are organizing "Oman Cybersecurity CTF competition" hosted by ITA through Oman National CERT.

View

" Red Chungu" Training

For the first time in Oman ARCC is conducting the "Red Chungu" Training in Oman from 15 Oct 2017 to 19 Oct 2017

View
6th Regional Cyber Security Summit

6th Regional Cyber Security Summit

Date : 20th to 21st November 2017 ... Location : Sheraton Oman Hotel, Muscat

View
4th Oman National Cyber Drill

4th Oman National Cyber Drill

Date :23rd – 25th , October, 2017 ... Location : Grand Hormuz Hotel, Muscat

View
OIC-CERT Annual Conference 2017

OIC-CERT Annual Conference 2017

Date : 6 – 9 November 2017 ... Location : Baku, Azerbaijan

View

Media Center

Share it

Online Incidents Report
Request OCERT Services
Information Security Glossary

OCERT News

 

Hacker Exposes Thousands of Insecure Desktops That Anyone Can Remotely View

OCERT Latest News

30/Mar/2016


Thousands of insecure desktops were publicly available for anyone with a VNC connection to view. A hacker, going by the handle of “Revolver”, created a script that cycled through IP addresses which tries to connect to unsecured servers through a web-based VNC viewer. If the script finds an available connection without any authentication, it will connect and grab a screenshot, otherwise the script will kill the session and move to a different IP address.


Thousands of desktops -- Windows, Macs, and even Linux machines -- were open to VNC connection without any passwords. And hundreds of screenshots captured exposed potentially highly-sensitive Supervisory Control and Data Acquisition (SCADA) systems, which are typically used in industrial facilities.


The thousands of screenshots which have been collected, were uploaded to a website called VNC Roulette, which shows a snapshot in time of a random internet-connected desktop. However, not all have been posted on the website as they contain critical/sensitive information.


The unfettered access to thousands of desktops is “not a configuration issue” or a flaw or vulnerability in how VNC is designed. It is the result of users' not setting a password even though an interface or message prompts users to make a password for security upon installation of VNC.


Workaround/Advices:

It is strongly recommended to setup password protection for all remote connection application (VNC, RDP, TeamViewer, etc.).

Setting a strong password (at least one uppercase character, one lowercase character, one special character and 8 characters in length) is highly recommended.


References:

Kindly refer to the reference provided below for additional information:

ZDNet - hxtp://www.zdnet.com/article/hacker-exposes-thousands-of-insecure-desktops-that-anyone-can-remotely-view/


  • News Archive