Security Roundup - 2016-02-26
Using a default password for your device sucks. TP-LINK chose not to do this, but ended up using a unique password that their device broadcasts. I actually have one of these, and did not make the connection when originally setting it up.
Patchwork Security tries monitoring Heroku dynos for security upgrades. Initial findings are that things are not upgraded quickly, but the overall observation window is quite small.
NSA TAO Chief talks about Disrupting Nation State Hackers at Enigma 2016. He goes into the ways in which they will exploit networks, which he generalizes as ‘knowing a network better than the people who set it up’ and ‘Poke and prod it, just like an adversary would do’.
User figures out how Shodan.io is discovering and scanning IPv6 addresses. It looks like they have added nodes to the NTP pool and are harvesting the IP addresses of requesting servers to figure out which ones to scan. It also looks like Check Point has classified Shodan as a threat and has made attempts to thwart scans.
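
To check your own network for the pattern described in the Shodan item, look for inbound multi-port probing that starts shortly after a host queries an NTP server. The script below is an added example, not code from the linked write-up; the flow-record format, site prefix, time window and port threshold are assumptions, and the sample records are constructed.

```python
import ipaddress
from collections import defaultdict
from datetime import datetime, timedelta

INTERNAL = ipaddress.ip_network("2001:db8:a::/48")  # assumed site prefix
WINDOW = timedelta(minutes=15)  # assumed: probe must follow the NTP query this soon
MIN_PORTS = 3                   # assumed: distinct ports that count as a scan

# Constructed flow records (not real traffic): time, src, dst, proto, dst port.
# All addresses are in 2001:db8::/32, the IPv6 documentation prefix.
FLOWS = """\
2016-02-20T10:00:00 2001:db8:a::10 2001:db8:ffff::123 udp 123
2016-02-20T10:04:10 2001:db8:bad::5 2001:db8:a::10 tcp 22
2016-02-20T10:04:11 2001:db8:bad::5 2001:db8:a::10 tcp 80
2016-02-20T10:04:12 2001:db8:bad::5 2001:db8:a::10 tcp 443
2016-02-20T11:00:00 2001:db8:a::20 2001:db8:eeee::123 udp 123
2016-02-20T11:30:00 2001:db8:c::7 2001:db8:a::20 tcp 443
2016-02-20T12:00:00 2001:db8:bad::5 2001:db8:a::30 tcp 22
"""

def find_ntp_followed_scans(text):
    """Return (host, prober, ntp_server, ports) for probes that follow an NTP query."""
    last_ntp = {}               # internal host -> (time of query, NTP server queried)
    probes = defaultdict(set)   # (host, prober, ntp server) -> ports probed
    # ISO timestamps sort chronologically, so sorting the rows orders them by time.
    rows = sorted(line.split() for line in text.splitlines() if line.strip())
    for ts, src, dst, proto, port in rows:
        when = datetime.fromisoformat(ts)
        src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
        outbound = src in INTERNAL and dst not in INTERNAL
        inbound = dst in INTERNAL and src not in INTERNAL
        if outbound and (proto, port) == ("udp", "123"):
            last_ntp[src] = (when, dst)
        elif inbound and dst in last_ntp:
            asked, server = last_ntp[dst]
            if when - asked <= WINDOW:
                probes[(dst, src, server)].add(int(port))
    return [(str(h), str(s), str(n), sorted(p))
            for (h, s, n), p in sorted(probes.items()) if len(p) >= MIN_PORTS]

if __name__ == "__main__":
    for host, prober, server, ports in find_ntp_followed_scans(FLOWS):
        print(f"{host}: probed on {ports} by {prober} after querying {server}")
```

A hit names the NTP server that was queried just before the probing, which is the one to review or replace in the host's time configuration.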