Tuesday, June 06, 2017

CERT warns of SNMP vulnerability for workplaces


DHS Cert in Pittsburgh is warning of a vulnerability in SNMP, Simple Network Management Protocol, which can be compromised to again unauthorized access to network devices.

This is not as likely to affect individuals or very small businesses, as larger organizations.  It would be possible to target a particular employee, for example, for blame.  So this advisory sounds more like a workplace issue.
 


That reminds me of the warning back in the early 1980s at a credit reporting company that associates must always sign off when not at the terminals and keep passwords secret, and could be terminated for misuse of their accounts by others.
 
Workplaces also have a problem in that spammers may imitate the employer’s trademarks and look in phishing attacks that would not work against home users.

No comments: