BUZZFEED NEWS: Here’s a reminder to update your router at home.
At least two people tied to the U.S. military accidentally leaked secret files to a hacker after failing to change either the default username, password, or both to their routers, researchers at Recorded Future found. The hacker told Recorded Future researchers that he found the documents using Shodan, a common search engine used to identify internet-connected devices that are either public or connected through default settings. The hacker was attempting to sell several files about the MQ-9 Reaper drone (which included a list of airmen assigned for maintenance) and more than a dozen sensitive Army documents (including tank platoon tactics) for $150 when he was contacted by Recorded Future. Researchers were also able to find a certificate showing that one of the individuals hacked, an unnamed Air Force captain, had completed a cybersecurity awareness challenge in February 2018.
Read more