News in brief: man jailed for hacking celebrity chef; US could add domestic flights to laptop ban; flaws found in ‘security’ cameras

Your daily round-up of some of the other stories in the news

Gordon Ramsay’s in-laws sentenced for hacking

Celebrity chef Gordon Ramsay (pictured), known both for his restaurants and his TV series Kitchen Nightmares and Hotel Nightmares, has also had an In-Laws Nightmare: his father-in-law, Christopher Hutcheson, and Hutcheson’s sons Adam and Christopher, have been given jail sentences for their roles in an “unattractive and unedifying” conspiracy to hack Ramsay’s computers.

The BBC reported that Ramsay’s father-in-law had been sacked by the chef as chief executive of Gordon Ramsay Holdings Ltd, after which he and his sons conspired to access Ramsay’s computer systems nearly 2,000 times between October 2010 and March 2011.

The court at the Old Bailey in London was told that the men aimed to “obtain material that might embarrass Mr Ramsay or be useful in the ongoing dispute with him”. After they were discovered, the court heard, Christopher Hutcheson sent an email to his sons saying “Guess we have been rumbled. Bit late though.”

Christopher Hutcheson was jailed for six months while his sons were given four-month prison sentences suspended for two years.

Laptop ban could be extended to domestic flights

Bad news, US airline passengers: the laptop ban that’s already in place on flights to the US and the UK from some Middle Eastern cities and airlines could be extended to domestic flights, according to reports on Thursday.

Reuters reported that homeland security secretary John Kelly had told a House of Representatives that “we are looking right now at an additional 71 airports”, while CBS Baltimore added that the ban could spread to domestic flights.

The Transportation Security Administration said that “the Department of Homeland Security is currently considering the possible expansion of that laptop ban. No decision has been made.”

Got a Foscam security camera? Read this

We’ve been warning about problems with IoT devices where security is a shoddy afterthought on Naked Security since pretty much forever, and such devices were a key factor in the Mirai botnet attack of October last year that took down the Dyn DNS provider.

So the news that a Chinese manufacturer of internet-connected security cameras have, among other problems, hard-coded remote access passwords that can’t be changed might not come as a surprise, but it does cause us to despair.

The guilty cameras are two models from Foscam, which also makes branded cameras for Chacon, 7links, Netis, Turbox and others, according to a report from F-Secure.

The researchers found that the flaws in the cameras include incorrect permissions, insecure default credentials as well as the hard-coded credentials, hidden and undocumented Telnet functionality, remote command injections and leaky firewalls, among other problems.

Our advice? Check who’s made your camera and if it’s one of the Foscam-made models, now’s the time to replace it with a model that doesn’t make a mockery of the label “security camera”.

Catch up with all of today’s stories on Naked Security


from Naked Security – Sophos http://bit.ly/2rFKiPD
via IFTTT

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s