Boa was discontinued in 2005 but remained popular and is now becoming a crisis because of the complex nature of how it was built into the IoT device supply chain.
A recent alarming report by Microsoft reveals the risks attached to common Internet of Things (IoT) devices using the discontinued Boa web server. Hackers are exploiting vulnerabilities in the software to target organizations in the energy sector.
On Tuesday, Microsoft researchers revealed in an analysis their discovery of a vulnerable open-source component in the Boa web server, used widely in a range of routers and security cameras as well as popular software development kits (SDKs).
Despite the software’s retirement in 2005, it remained popular and is now becoming a crisis because the complex nature of how it was built into the IoT device supply chain is making it difficult to mitigate the Boa flaws.
Microsoft reports ...
Copyright of this story solely belongs to hackread.com . To see the full text click HERE