Mirai (Japanese: future) is a virus targeting poorly secured devices connected to the IoT (Internet of Things). It runs on Linux, with the aim of using it for a large-scale botnet. Mirai's primary targets are home gateways and IP cameras. The virus was discovered in August 2016 by the group MalwareMustDie. Initially, Mirai was mainly used for extorting Minecraft server owners. Around September and October 2016, Mirai was used for very large-scale DDoS attacks targeting, among others, computer security specialist Brian Krebs and DNS providers OVH and Dyn.
Misconfiguration
This can happen anywhere: at webhosts, at home, at small offices and in large organisations at any level: it's when there are security holes left unattended (mostly unknowingly) like computer(-system) configuration, the usage of default accounts, unused webpages and applications, unpatched vulnerabilities, unprotected files and directories, lack of upgrades, misconfigured firewalls and anti-virustools, usage of third-party applications etc.
You can use scanners to look for vulnerabilities and hardware to register access at buildings etc. but when the settings are not correct, they offer a false sense of safety.
Misconfiguration is one of the biggest reasons for security-breaches and exactly what hackers are looking for: after setting up your environment always stay alert, because times are changing constantly and what worked yesterday, can be a huge risk today.
Man in the middle attack
A man-in-the-middle attack (MITM) is a type of network attack in which information is intercepted between two devices without the knowledge of both of the owners. The attacker can read and change data and send messages not written by either party. If he does that right the two parties don't notice anything. An attacker could f.e. get access to the e-mail server and change the content of the e-mail. He can manipulate one of the persons behind the machines or send him a link to a malicious source. He can also delete certain parts of the message.