A recently disclosed zero-day has been the target of cyber criminals from China. Devices using the same code base from at least 17 different manufacturers are being exploited via a path traversal vulnerability. First disclosed on August 3rd, researchers discovered only two days later that hackers were already trying to infiltrate systems.
As most companies do not have policies to make firmware update on a timely basis, hackers have been given free reign to implement the Mirai malware on affected devices. By deploying on millions of devices, this gives the attackers easy access to a botnet that can create DDoS attacks at will.
