June 19, 2024



Attacker Cites Exposed Akamai Server and “intel123” Password


Intel: “We believe an individual with access downloaded and shared this data”

A misconfigured Akamai CDN (content delivery network) server and files with the password “intel123” have been pinpointed as the apparent cause of a major leak from Intel which has seen 20GB of source code, schematics and other sensitive data posted online.

The leak, posted last night by Tillie Kottman, an IT expert based in Switzerland, contains files provided to partners and customers by chip maker Intel under non-disclosure agreement (NDA), and includes source code, development and debugging applications and schematics, applications and firmware for the company’s unreleased Tiger Lake platform.


In a now-deleted post, the alleged source of the leak said: “They have a server hosted online by Akamai CDN that wasn’t properly secure. After an internet-wide nmap scan I found my target port open and went through a list of 370 possible servers based on details that nmap provided with an NSE script.

“The folders were just lying open and I could just guess the name of one. Then when you were in the folder you could go back to the root and just click into the other folders that you don’t know the name of.

The Intel leak discussed in a (now deleted) post by the supposed perpetrator

“Best of all, due to another misconfiguration, I could masquerade as any of their employees or make my own user.”

The source added that while many of the zip files in the folder were password-protected, “most of them [have] the password Intel123 or a lowercase intel123.”

Kottman expects the data dump will be the first in a series of leaks from Intel.

“Unless I am misunderstanding my source, I can already tell you that the future parts of this leak will have even juicier and more classified stuff,” he said on Twitter.

A spokesperson for Intel said the chipmaker is investigating the leak, but declined to comment on the claims about the misconfigured server and weak passwords.

She said: “The information appears to come from the Intel Resource and Design Center, which hosts information for use by our customers, partners and other external parties who have registered for access.

“We believe an individual with access downloaded and shared this data.”

The incident is a stark reminder — if any were needed — that proactively mimicking these kinds of tactics by hackers is important to business security, whether that is via regular Purple Teaming, or other tactics.

Recent security guidance from the NSA (focussed on OT environments, but applicable across many IT environments too) noted that best practices include:

  • Fully patching all Internet-accessible systems.
  • Segmenting networks to protect workstations from direct exposure to the internet. Implement secure network architectures using demilitarized zones (DMZs), firewalls, jump servers, and/or one-way communication diodes.
  • Ensure all communications to remote devices use a virtual private network (VPN) with strong encryption further secured with multifactor authentication.
  • Check and validate the legitimate business need for such access.
  • Filter network traffic to only allow IP addresses that are known to need access, and use geo-blocking where appropriate.
  • Connect workstations to network intrusion detection systems where feasible.
  • Capture and review access logs from these systems.
  • Encrypt network traffic to prevent sniffing and man-in-the-middle tactics.
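
To make the "capture and review access logs" point concrete for the kind of open-folder browsing described in the deleted post, here is an added example (not from the article, Intel or the NSA guidance) that flags clients served listings for several distinct directories. The Common Log Format input, the sample lines and the `min_dirs` threshold are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Constructed sample lines in Common Log Format (assumed format, not real traffic).
SAMPLE_LOG = """\
198.51.100.7 - - [06/Aug/2020:10:00:01 +0000] "GET /docs/ HTTP/1.1" 200 5120
198.51.100.7 - - [06/Aug/2020:10:00:03 +0000] "GET / HTTP/1.1" 200 2048
198.51.100.7 - - [06/Aug/2020:10:00:05 +0000] "GET /firmware/ HTTP/1.1" 200 4096
198.51.100.7 - - [06/Aug/2020:10:00:09 +0000] "GET /schematics/ HTTP/1.1" 200 3072
198.51.100.7 - - [06/Aug/2020:10:00:12 +0000] "GET /schematics/board.zip HTTP/1.1" 200 901120
203.0.113.20 - - [06/Aug/2020:10:01:00 +0000] "GET /docs/ HTTP/1.1" 200 5120
203.0.113.20 - - [06/Aug/2020:10:01:04 +0000] "GET /docs/guide.pdf HTTP/1.1" 200 70211
203.0.113.44 - - [06/Aug/2020:10:02:00 +0000] "GET /private/ HTTP/1.1" 403 199
"""

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+'
)


def find_directory_walkers(log_text, min_dirs=3):
    """Return {client_ip: sorted directory paths} for clients that were served
    (HTTP 200) at least `min_dirs` distinct directory URLs."""
    served = defaultdict(set)
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or m["method"] != "GET" or m["status"] != "200":
            continue  # skip malformed lines, other methods and denied requests
        path = m["path"].split("?", 1)[0]
        if path.endswith("/"):  # a directory URL, i.e. an index or listing page
            served[m["ip"]].add(path)
    return {ip: sorted(d) for ip, d in served.items() if len(d) >= min_dirs}


if __name__ == "__main__":
    for ip, dirs in find_directory_walkers(SAMPLE_LOG).items():
        root = " (including the root)" if "/" in dirs else ""
        print(f"{ip} browsed {len(dirs)} directories{root}: {', '.join(dirs)}")
```

A hit that includes the root path alongside sibling folders matches the "go back to the root and click into the other folders" pattern and is worth checking against the list of registered users for that server.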
