Cyble: Over 9,000 VNC Sessions Without a Password Found

Virtual network computing (VNC) endpoints that can view and utilize credentials were reported to be vulnerable on at least 9,000 occasions, giving hackers simple access to the data. 

The platform-independent system referred to as Network Computing (VNC) enables users to remotely control other computers, most of which have limited monitoring and adjusting capabilities. Therefore, anyone who compromises VNCs will eventually have access to the underlying systems.
The endpoints can act as access points for unauthorized access, including hackers with malevolent intentions if they are not fully secured with a password, which is frequently the result of neglect, error, or a decision made out of convenience.
As per researchers, the risk of each exposed VNC relies on the kind of underlying system it is in charge of. Some people are discovered to be in charge of a municipality’s water control systems, which is quite serious.
Research Analysis 

Over 9,000 vulnerable servers were found when Cyble’s security researchers searched the web for internet-facing VNC instances without passwords. China and Sweden are home to the majority of exposed instances, while the United States, Spain, and Brazil round out the top 5 with sizable numbers of unprotected VNCs.
The fact that some of these open VNC instances were for industrial control systems, that should never be accessi

[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.

This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents

Read the original article:

Liked it? Take a second to support IT Security News on Patreon!
Become a patron at Patreon!