Encryption in Organizations” Select one of the following and discuss in no less than three paragraphs, and have at least one response to the class Discussion of at least one paragraph:
Research the web for examples of the manner in which security professionals could use encryption in organizations today (e.g., database encryption), describe at least two uses of encryption within organizations today that you found in your research. From the uses identified, indicate the information resource the encryption is designed to protect. Assess the importance of protecting such an information resource from a security perspective.
Class Discussion:
UPnP is Back,
I found an article dealing with UPnP. I was a bit rusty on the protocol. I do recall that UPnP was once a threat. It has surfaced again. Universal Plug and Play was a useful protocol to make our lives easier. It is a discovering protocol that allows devices to connect to one another. This easy connection made this a great tool for attackers.
A lot of the searches for this article were found by using the Shodan search engine. The search found many devices using the MiniUPnPd for NAT routers. Devices running this outdated UPnP software were able to be accessed remotely. Poorly configured routes that used the outdated UPnP allowed ports to be forwarded to the internet. This was an older exploit that is surfacing once again.
The research discovered that most devices that were tested still use the old versions of UPnP. Many of the devices that were much older, those devices did not have a patch to correct the problem. The article goes into more detail with the different libraries and bundles associated with the attack.