Security News Botnet Fodder: 10 Million Devices With Open Telnet Ports Still Available Online

[LASER_oneXM]

...some quotes from the article:

What's the most exposed country?
The report also determined the "most exposed country" by taking into consideration the total number of assigned IPv4 addresses and the number of exposed ports.

The top 10 is made up by Zimbabwe, Hong Kong, Samoa, Congo, Tajikistan, Romania, Ireland, Lithuania, Australia, and Estonia.

Last year's top 10 leader, Belgium, is now out of the top 50 after authorities worked to secure exposed devices in its IPv4 addresses space. Despite having a huge IPv4 address pool, the US ranked #134.

An interactive map of the most exposed countries and a link to the Rapid7 report are available here.

A yearly scan of exposed ports has revealed that there are nearly 10 million devices with open Telnet ports connected to the Internet as we speak, opening themselves to brute-force attacks from IoT botnets, and MitM interception from attackers on the data's path.

This is one of the findings of the second edition of Rapid7's National Exposure Index, a yearly report on devices with ports left exposed online.

Not all these devices are vulnerable, as many are protected by strong passwords, but Rapid7 researchers raise the question if it's smart to run Telnet 23 years later after researchers created SSH, a much more secure method of connecting to remote devices.