An article in New Scientist covers a journal report on the state of upcoming upgrades to China's national Internet infrastructure.
ZSecure, a security consulting company that made a few ripples last year when it announced vulnerabilities detected on HDFC's website, has made a similar discovery, this time with payback.in. Payback is a firm providing loyalty (reward points) programs for customers, in partnership with a number of well-known brands.
A Swedish security consultant, Dan Egerstad, has released the passwords of over 100 e-mail accounts belonging to embassies worldwide, including those of India.
A default user name and password combination was written, or "hard coded", into the software which runs on both devices and cannot be disabled. A malicious user who had the password would have complete control of the affected device, which could be used as a platform for further attacks, Cisco warned.
This must be the millionth "preset username and password" flaw reported in a networking device, albeit this time it's hard-coded :S Patches are available.