Boards.ie targeted by large scale spamming attack

It appears that a lot of users of the hugely popular Irish message board site, boards.ie have been getting spammed with malicious links through PM’s and to their direct email (as a result of PM notifications)

There’s hundreds of posts currently in the discussion thread with many people reporting receiving the spam messages too

“Mr E”, one of the sites Admins explains:

Not hacked, but it’s a spam attack. 

Thousands of accounts created since last night to send tens of thousands of private messages. The office are looking into ways to stop them or slow them down.

We’re deleting the private messages, but that’s after you’ve received the email notification (which is why the PM may not be there when you go looking for it).

Your account is safe and your email address has not been compromised.

It goes without saying – please don’t click any links from this PM, or from the copy of the PM in the PM notification email.

Source: https://www.boards.ie/vbulletin/showpost.php?p=110950019&postcount=17

Boards.ie has posted an official announcement confirming the issue, and emphasising that this wasn’t a ‘hack’ or a ‘data breach’

We would like to reassure users that there has not been a data breach. This is the Private Messaging service being abused and the email notification system working as it ordinarily does.

Will update when further details are available

Belgian Police leak control room password for Internet enabled PC


It appears the Belgian Police have accidently leaked the password to their internet enabled PC in their control room, while a news crew was filming

No other information has been posted on the Reddit Thread

The password M3ldkam3r is clearly visible on a sticker on a monitor during a shot of the control room. The good news however, is that the password doesn’t seem to have been pwned… until now

Someone in IT will surely be in for an interesting meeting tomorrow morning

UKPN staff unable to log into computers

According to this Reddit post by reddit user /u/HostileApostle420

” no one in her office is allowed to log into their computers due to ‘mcafee system update’. IT saying people will loose their data if they log in? “

Some of the comments suggest this could be a ransomware attack, especially considering UKPN is one of the largest power providers in the UK

This comes the same day that UKPN announced they are doubling their energy capacity at London City Airport

Is your Netgear home router at risk from remote access?

There’s nothing better than lying in bed and being able to remote into your router to restart it or update the firmware to fix a security vulnerability!

It’s even better when a company makes a nice GUI app for the regular user to navigate these options with ease

What’s even better again, is that the app doesn’t store usernames or passwords or send any data to any server… that is, until now

I’ve been using a Netgear Nighthawk AC1900 for a while now, and using the Netgear Genie App to admin it. It was a great app, which you could control the router settings, see connected devices, view traffic stats, setup parental controls and much more

You enter your local admin / password and the app connects you to the router. There’s an additional option to create a Netgear account and remotely manage the router, but if you don’t create one, you’re free to use it offline.

As of recently, when you try to admin the router from the app you are greeted with the following error to let you know you have to upgrade to the latest Nighthawk App

The issue being, the app will not work unless you setup a Netgear account

This means you are giving Netgear, access to your local router password (Which they store in your account)

Should there ever be a breach / data dump from Netgear, attackers could potentially gain access to every device every registered through Netgear.com including remote access to the router itself. This in turn, could give them full access to every device on your home network. Including access to shares and NAS directly connected to the Readyshare option of the device