https://blog.paessler.com/investments-in-iot-security-are-set-to-increase-rapidly-in-2018
The two biggest challenges in 2018 will continue to be protecting against unauthorized access, and patching/updating the software of the device. Companies must not neglect the security problems of IoT and IIoT devices. Cyberattacks on the Internet of Things (IoT) are already a reality.
According to Gartner‘s market researchers, global spending on IoT security will increase to $1.5 billion this year.
1,645 Comments
Tomi Engdahl says:
Electromagnetic Fault Injection
https://circuitcellar.com/research-design-hub/electromagnetic-fault-injection/
Electromagnetic Fault Injection (EMFI) is a powerful method of inserting faults into embedded devices, but what does this give us? In this article, Colin dives into a little more detail of what sort of effects EMFI has on real devices, and expands upon a few previous articles to demonstrate some attacks on new devices.
HOW EMFI WORKS
The objective of EMFI is to ultimately inject a voltage onto the structure of the die itself. This can cause both persistent changes—such as bit flips in a register or SRAM—or temporary errors in reading voltage levels. With EMFI this is done with a quickly changing magnetic field. So, what we need is a method to generate the strong field. The device that generates this field is our EMFI tool.
The “business end” of these tools use some form of a coil in combination with a high permeability material, normally a ferrite. This ferrite is designed to concentrate the magnetic flux in a smaller area, making it possible to flip bits in part of the memory without crashing the entire device.
Tomi Engdahl says:
Kiinalaisten antureiden qr-koodeja kaapataan matkalla Suomeen – ”tuleekin herja, että laite on jo käytössä”
https://www.tivi.fi/uutiset/kiinalaisten-antureiden-qr-koodeja-kaapataan-matkalla-suomeen-tuleekin-herja-etta-laite-on-jo-kaytossa/cd39c3f6-de16-45c8-93de-582cc7393607
Esineiden internetin ratkaisuissa hyödynnettävien lora-antureiden tiedot voivat vuotaa matkalla Kiinasta Suomeen.
Langatonta tiedonsiirtoa hyödyntävät lora-anturit ovat joutuneet palvelunestohyökkäysten ja kaappausten kohteiksi. Suomessa tapauksia on havaittu Jyväskylän yliopiston informaatiotieteiden tiedekunnassa eÄlytelli-tutkimusprojektissa.
Tomi Engdahl says:
FBI recommends that you keep your IoT devices on a separate network
https://www.zdnet.com/article/fbi-recommends-that-you-keep-your-iot-devices-on-a-separate-network/
The FBI also recommends changing factory-set (default) passwords and not allowing an IoT device’s accompanying mobile app to gain access to too many smartphone permissions.
Tomi Engdahl says:
Wifi deauthentication attacks and home security
Dec. 26th, 2019 06:47 pm
https://mjg59.dreamwidth.org/53968.html
neighbours installed a Ring wireless doorbell. By default these are motion activated (and the process for disabling motion detection is far from obvious), and if the owner subscribes to an appropriate plan these recordings are stored in the cloud. I’m not super enthusiastic about the idea of having my conversations recorded while I’m walking past someone’s door, so I decided to look into the security of these devices.
One visit to Amazon later and I had a refurbished Ring Video Doorbell 2™ sitting on my desk. Tearing it down revealed it uses a TI SoC that’s optimised for this sort of application, linked to a DSP that presumably does stuff like motion detection. The device spends most of its time in a sleep state where it generates no network activity, so on any wakeup it has to reassociate with the wireless network and start streaming data.
So we have a device that’s silent and undetectable until it starts recording you, which isn’t a great place to start from. But fortunately wifi has a few, uh, interesting design choices that mean we can still do something. The first is that even on an encrypted network, the packet headers are unencrypted and contain the address of the access point and whichever device is communicating.
The most interesting one here is the deauthentication frame that access points can use to tell clients that they’re no longer welcome. These can be sent for a variety of reasons, including resource exhaustion or authentication failure. And, by default, they’re entirely unprotected. Anyone can inject such a frame into your network and cause clients to believe they’re no longer authorised to use the network, at which point they’ll have to go through a new authentication cycle – and while they’re doing that, they’re not able to send any other packets.
So, the attack is to simply monitor the network for any devices that fall into the address range you want to target, and then immediately start shooting deauthentication frames at them once you see one.
There’s a couple of ways to avoid this attack. The first is to use 802.11w which protects management frames. A lot of hardware supports this, but it’s generally disabled by default. The second is to just ignore deauthentication frames in the first place, which is a spec violation but also you’re already building a device that exists to record strangers engaging in a range of legal activities so paying attention to social norms is clearly not a priority in any case.
Finally, none of this is even slightly new. A presentation from Def Con in 2016 covered this, demonstrating that Nest cameras could be blocked in the same way. The industry doesn’t seem to have learned from this.
Tomi Engdahl says:
Discarded smart lightbulbs reveal your wifi passwords, stored in the clear
https://boingboing.net/2019/01/29/fiat-lux.html
Your internet-of-shit smart lightbulb is probably storing your wifi password in the clear, ready to be recovered by wily dumpster-divers; Limited Results discovered the security worst-practice during a teardown of a Lifx bulb; and that’s just for starters: the bulbs also store their RSA private key and root passwords in the clear and have no security measures
https://limitedresults.com/2019/01/pwn-the-lifx-mini-white/
Tomi Engdahl says:
three vulnerabilities have been discovered:
Wifi credentials of the user have been recovered (stored in plaintext into the flash memory).
No security settings. The device is completely open (no secure boot, no debug interface disabled, no flash encryption).
Root certificate and RSA private key have been extracted.
https://limitedresults.com/2019/01/pwn-the-lifx-mini-white/
Tomi Engdahl says:
Privacy & Security: Responsible Disclosure of Security Vulnerabilities
https://www.lifx.com/pages/privacy-security-responsible-disclosure-of-security-vulnerabilities
Tomi Engdahl says:
https://www.lifx.com/pages/privacy-security-responsible-disclosure-of-security-vulnerabilities
we have already addressed each vulnerability with firmware updates during Q4 2018:
WiFi credentials are now encrypted
We have introduced new security settings in the hardware
Root certificate and RSA private key is now encrypted
Are these vulnerabilities now resolved?
All of the moderate to high severity vulnerabilities that were identified by Limited Results has been addressed in the firmware and app releases that occurred in late 2018.
All sensitive information stored in the firmware is now encrypted and we have introduced extra security settings in the hardware.
Customers can obtain the firmware update by opening their LIFX app and a firmware update prompt will be shown, if they haven’t already updated their lights.
If a customer had previously purchased this product, what can they do to make sure that their data is protected?
Changing username and password credentials would ensure that the vulnerable information is no longer relevant. And we would recommend changing these as regularly as is convenient for any device from laptop to lightbulb.
Tomi Engdahl says:
If you’re gonna use this stuff, create a network specifically for it.
Tomi Engdahl says:
Kiinalaisten antureiden qr-koodeja kaapataan matkalla Suomeen – ”tuleekin herja, että laite on jo käytössä”
https://www.tivi.fi/uutiset/tv/c30c0ee7-eb23-4b2a-9a18-52a4d070e8b8
Langatonta tiedonsiirtoa hyödyntävät lora-anturit ovat joutuneet palvelunestohyökkäysten ja kaappausten kohteiksi. Suomessa tapauksia on havaittu Jyväskylän yliopiston informaatiotieteiden tiedekunnassa eÄlytelli-tutkimusprojektissa.
”Matkalla sen voi lukea aika moni konenäköpää. Näin salaus voi vuotaa”,
Tomi Engdahl says:
Bricked IoT Devices Are Casualties Of Lax Semiconductor Security
How Silex malware gains entry into devices, and what it does after that.
https://semiengineering.com/bricked-iot-devices-are-casualties-of-lax-semiconductor-security/
Silex is programmed to destroy an IoT device’s stored data and remove the network configuration. Silex accomplishes this by deliberately exploiting known default credentials, logging in and killing the system. More specifically, the destructive malware strain writes random data from /dev/random to any mounted storage it can identify. Silex subsequently deletes network configurations, runs rm -rf / to erase data and flushes iptables entries. Lastly, the malware writes an entry to terminate all active connections.
It is important to note that Silex is only one of many malware strains that actively targets devices with default or weak login credentials such as “admin” usernames and “1234” passwords. Put simply, malware like Silex continues to propagate because it is so successful at bricking a wide range of IoT devices by attacking unprotected system functions. Fortunately, a hardware-based root of trust can help protect against malware like Silex by ensuring robust remote access authentication and monitoring of anomalous system operation.
Indeed, a hardware-based root of trust can be provided by an independent security co-processor that is integrated into IoT devices.
Partitioning general-purpose processing from secure application processing is provided by integrating a secure co-processor core such as the Rambus CryptoManager Root of Trust into an SoC designed for IoT devices.
Tomi Engdahl says:
Google Chrome impacted by new Magellan 2.0 vulnerabilities
Magellan 2.0 vulnerabilities were patched in Google Chrome 79.0.3945.79.
https://www.zdnet.com/article/google-chrome-impacted-by-new-magellan-2-0-vulnerabilities/
A new set of SQLite vulnerabilities can allow attackers to remotely run malicious code inside Google
Chrome, the world’s most popular web browser.
The vulnerabilities, five, in total, are named “Magellan 2.0,” and were disclosed today by the Tencent
Blade security team.
All apps that use an SQLite database are vulnerable to Magellan 2.0; however, the danger of “remote
exploitation” is smaller than the one in Chrome, where a feature called the WebSQL API exposes Chrome
users to remote attacks, by default.
The Magellan 2.0 disclosure comes exactly one year and one week after the same Tencent Blade security team
disclosed the original Magellan SQLite vulnerabilities, last year, in December 2018.
Just like the original Magellan vulnerabilities, these new variations are caused by improper input
validation in SQL commands the SQLite database receives from a third-party.
In a security advisory published today, the Tencent Blade team says the Magellan 2.0 flaws can lead to
“remote code execution, leaking program memory or causing program crashes.”
All apps that use an SQLite database to store data are vulnerable, although, the vector for “remote
attacks over the internet” is not exploitable by default. To be exploitable, the app must allow direct
input of raw SQL commands, something that very few apps allow.
The danger of remote attacks is present for users of Google Chrome, which also uses an internal SQLite
database to store various browser settings and user data.
Tencent says it was not aware of any public exploit code or attacks for the Magellan 2.0 vulnerabilities.
Tomi Engdahl says:
Anomaly Detection in Complex Systems: Zero Trust for the Workplace
https://blogs.cisco.com/security/anomaly-detection-in-complex-systems-zero-trust-for-the-workplace
Zero trust and complexity management represent a new basic combination for a closed-loop approach to anomaly detection and mitigation for critical infrastructures.
This abstract introduces a set of functional blocks that could enable automation and assurance for secure networks. These blocks are designed to reduce/simplify the impact of anomalies and/or anomalous behaviors on complex systems.
Tomi Engdahl says:
Over 100 Million IoT Attacks Detected in 1H 2019
https://www.infosecurity-magazine.com/news/over-100-million-iot-attacks/?utm_source=hs_email&utm_medium=email&utm_content=78552465&_hsenc=p2ANqtz-_uL8hhVd64bGoLv8h_HNvRTCFUrhrQpDJki-CT80jKGy7QPZ54BfnJkH_DbAnd_UrH297VpZMlxL9PJaJdhPgR2tkeV8EGY_Mde9EDAy1-_Yp1GvY&_hsmi=78552465
Tomi Engdahl says:
Dan Seifert / The Verge:
Ring adds a privacy dashboard to its app to let owners manage third-party services and whether local police can make requests to access video from their cameras — One place to manage security and privacy features — Ring has announced that it is adding a new privacy dashboard …
Ring adds privacy dashboard to app in response to security concerns
One place to manage security and privacy features
https://www.theverge.com/2020/1/6/21050426/ring-control-center-privacy-dashboard-app-police-security-two-factor-ces-2020
Tomi Engdahl says:
Pentesting an IOT Based Biometric Attendance Device
https://pentestmag.com/pentesting-an-iot-based-biometric-attendance-device/
Conclusion
IOT devices are often misconfigured by vendors and may open doors for anyone to access the sensitive data. In this case, the IOT device not only leaked out all the user info but also gave an opportunity for anyone to access or bypass the access control mechanism.
Tomi Engdahl says:
How Ring is rethinking privacy and security
A conversation with Ring founder Jamie Siminoff
https://techcrunch.com/2020/01/09/how-ring-is-rethinking-privacy-and-security/
Tomi Engdahl says:
https://blog.paessler.com/back-to-basics-what-is-snmp
Tomi Engdahl says:
A Trillion Security Risks
https://semiengineering.com/a-trillion-security-risks/?utm_source=hs_email&utm_medium=email&utm_content=81904673&_hsenc=p2ANqtz-8-L0mQ_X0L-RRNtHCN7gc8CVJpCSmAFfgYSyjPsdnF8JE8FHZaucdLEs63GWKJBsDQo0WIbmVREhUVNsPeYMGlWAyElFU05tJJj2xTOp8blDVygcc&_hsmi=81904673
Why an explosion in IoT devices significantly raises the threat level.
An explosion in IoT devices has significantly raised the security threat level for hardware and software, and it shows no sign of abating anytime soon.
Sometime over the next decade the number of connected devices is expected to hit the 1 trillion mark. Expecting all of them to be secure is impossible, particularly as the attack surface widens and the attack vectors become more sophisticated. In fact, a recent paper from researchers at the University of Michigan and Tokyo’s University of Electro-Communications showed how attackers could gain control of voice-controlled systems using amplitude-modulated light.
That’s just the beginning, too. The chain of communication for IoT devices is both multi-staged and unregulated.
Tomi Engdahl says:
Hacker leaks passwords for more than 500,000 servers, routers, and IoT devices
The list was shared by the operator of a DDoS booter service.
https://www.zdnet.com/article/hacker-leaks-passwords-for-more-than-500000-servers-routers-and-iot-devices/
A hacker has published this week a massive list of Telnet credentials for more than 515,000 servers, home routers, and IoT (Internet of Things) “smart” devices.
The list, which was published on a popular hacking forum, includes each device’s IP address, along with a username and password for the Telnet service, a remote access protocol that can be used to control devices over the internet.
Tomi Engdahl says:
https://semiengineering.com/determining-what-really-needs-to-be-secured-in-a-chip/
Tomi Engdahl says:
Danny Palmer / ZDNet:
UK government proposes new IoT rules: firms must tell consumers how long security updates will be provided, ship individual devices with unique passwords, more
IoT security: Your smart devices must have these three features to be secure
https://www.zdnet.com/article/iot-security-your-smart-devices-must-have-these-three-features-to-be-secure/
Proposed laws from the UK for Internet of Things security mean vendors will need to follow new rules to be considered secure.
Tomi Engdahl says:
Security firm IOActive has published a white paper claiming that LoRaWAN low-power long-range wireless networks are at risk of attack thanks to sadly-common implementation mistakes — and puts forward a selection of open source utilities for finding security flaws.
IOActive Highlights Security Failings in LoRaWAN Deployments, Publishes Auditing Framework
https://www.hackster.io/news/ioactive-highlights-security-failings-in-lorawan-deployments-publishes-auditing-framework-5e3038846ec6
IOActive’s white paper describes common implementation issues in LoRaWAN networks — and offers a toolkit for testing and audit.
IOActive’s paper details the security features in the LoRaWAN protocol — including improvements introduced in version 1.1 — before highlighting potential risks and threats, ranging from reverse engineering of captured devices through to offline cracking of LoRaWAN cryptographic keys to allow for anything from denial of service (DoS) attacks to the transmission of fake data. The paper then goes into a range of attack scenarios in LoRaWAN deployments ranging from smart meters to industrial IoT, smart cities, and smart homes.
In mitigation, the company offers an open source package for security auditing and testing of LoRaWAN networks: the LoRaWAN Auditing Framework (LAF). Tools included in the framework offer the ability to send or fuzz uplink packets, proxy TCP and UDP traffic, brute-force AppKeys, craft custom packets, parse received packets, generate session keys, along with data collectors and processors for auditing purposes.
The company’s paper is available in PDF format from its website, while the LoRaWAN Auditing Framework is published under the BSD 3-Clause Licence on the IOActive GitHub repository
https://act-on.ioactive.com/acton/attachment/34793/f-87b45f5f-f181-44fc-82a8-8e53c501dc4e/1/-/-/-/-/LoRaWAN%20Networks%20Susceptible%20to%20Hacking.pdf
https://github.com/IOActive/laf/blob/master/LICENSE
Tomi Engdahl says:
“By combining the power and flexibility of our production ready IoT hardware with our secure, scalable and easy to integrate cloud services, we are putting in the hands of our customers something really disruptive.” – Arduino CEO Fabio Violante
https://www.arduino.cc/pro
Tomi Engdahl says:
Internet of Things devices have low entropy—a measure of how much stuff changes in their world. That makes it hard to generate the truly random numbers needed for encryption keys.
Researchers Exploit Low Entropy of IoT Devices to Break RSA Certificates
https://spectrum.ieee.org/tech-talk/telecom/security/low-entropy-iot-internet-of-things-devices-security-news-rsa-encryption
Many Internet of Things (IoT) devices rely on RSA keys and certificates to encrypt data before sending it to other devices, but these security tools can be easily compromised, new research shows.
Researchers from digital identity management company Keyfactor were able to compromise 249,553 distinct keys corresponding to 435,694 RSA certificates using a single virtual machine from Microsoft Azure.
Tomi Engdahl says:
https://www.etteplan.com/fi/artikkelit/testattua-tietoturvaa-teollisiin-jarjestelmiin
Tomi Engdahl says:
Ring’s new security ‘control center’ isn’t nearly enough
https://tcrn.ch/2OdPYv3
On the same day that a Mississippi family is suing Amazon-owned smart camera maker Ring for not doing enough to prevent hackers from spying on their kids, the company has rolled out its previously announced “control center,” which it hopes will make you forget about its verifiably “awful” security practices.
In a blog post out Thursday, Ring said the new “control center,” “empowers” customers to manage their security and privacy settings.
Ring users can check to see if they’ve enabled two-factor authentication, add and remove users from the account, see which third-party services can access their Ring cameras, and opt-out of allowing police to access their video recordings without the user’s consent.
But dig deeper and Ring’s latest changes still do practically nothing to change some of its most basic, yet highly criticized security practices.
https://blog.ring.com/2020/01/30/the-new-control-center-empowers-ring-customers-to-manage-important-privacy-and-security-settings/
Tomi Engdahl says:
Muhstik Botnet Attacks Tomato Routers to Harvest New IoT Devices
https://unit42.paloaltonetworks.com/muhstik-botnet-attacks-tomato-routers-to-harvest-new-iot-devices/
Tomi Engdahl says:
Medtronic Releases Patches for Cardiac Device Flaws Disclosed in 2018, 2019
https://www.securityweek.com/medtronic-releases-patches-cardiac-device-flaws-disclosed-2018-2019
Medical device company Medtronic informed customers last week that it has released patches for some cardiac device vulnerabilities disclosed in 2018 and 2019. The vendor says it takes time to develop and validate patches for such complex and safety-critical devices
Tomi Engdahl says:
Rogue IoT devices are putting your network at risk from hackers
https://www.zdnet.com/article/rogue-iot-devices-are-putting-your-network-at-risk-from-hackers/#ftag=RSSbaffb68
‘Shadow IoT’ devices are creating security holes within organisations
which cyber criminals are looking to exploit. Employees are bringing
their own Internet of Things connected devices to the workplace and
could be putting organisations at risk from cyber attacks because
enterprise security teams aren’t always aware that these devices are
connected to the network.
Tomi Engdahl says:
Another IoT Debacle: Charter Offers Home Insecurity
https://hackaday.com/2020/01/18/another-iot-debacle-charter-offers-home-insecurity/
If you are a glass-half-empty person, you’ll view Charter’s announcement that they will shutter their home security and smart home service on February 5th as another reason not to buy into closed-source IoT devices. If you are a glass-half-full person though, you’ll see the cable company’s announcement as a sign that a lot of Zigbee hardware will soon flood the surplus market. Ars Technica reports that after investigation it appears that some of the devices may connect to a standard Zigbee hub after a factory reset, but many others will definitely not.
Smart homes will turn dumb overnight as Charter kills security service
Charter’s product shutdown highlights lack of interoperability in alarm systems.
https://arstechnica.com/information-technology/2020/01/smart-homes-will-turn-dumb-overnight-as-charter-kills-security-service/
Tomi Engdahl says:
https://www.uusiteknologia.fi/2020/02/05/tietoverkkohyokkaus-alylampun-kautta/
Tomi Engdahl says:
A hacker has released a 0-day attack against a wide range of DVRs and cameras that use SoCs from Huawei subsidiary HiSilicon.
Huawei Subsidiary Distributes 0-Day Backdoor in DVRs, NVRs, IoT Cameras
https://www.extremetech.com/computing/305830-huawei-subsidiary-hisilicon-distributes-0-day-backdoor-in-dvrs-nvrs-iot-cameras
One issue that’s been of increasing concern to US companies and customers is the fear that Chinese companies will create hard-wired backdoors into the various networking and 5G products they sell in Western markets. Such backdoors could then be exploited for corporate espionage or government surveillance.
Thus far, the evidence for this kind of deliberate backdooring has been mixed. A damning report by Bloomberg last year — one that I initially believed — faded into confused questions over whether the company had accurately reported the situation, along with disagreements over whether the backdoor as described was even technologically possible. A UK report on Huawei’s security practices last year found ample evidence of sloppy coding and poor version control, but turned up no sign of corporate or government backdoors aimed at allowing a coordinated surveillance campaign.
Now, a new report by Vladislav Yarmak explains how Huawei subsidiary HiSilicon has integrated a firmware backdoor into the SoCs it sells to various companies that build digital video cameras (DVRs), network-connected video recorders (NVRs), and other various devices. The backdoor is integrated into the SoC firmware, which means it gets deployed anywhere the SoC is. According to Yarmak, this backdoor has been deployed in at least three different versions since 2013.
Tomi Engdahl says:
Patch Your Philips Hue Lightbulbs To Stop Them From Getting Hacked — And Potentially Everything Else On Your Network
https://m.slashdot.org/story/366766
Four years ago, security researchers showed how a flying drone could hack an entire room full of Philips Hue smart light bulbs from outside a building, by setting off a virus-like chain reaction that jumped from bulb to bulb. Today, we’re learning that vulnerability never got fully fixed — and now, researchers have figured out a way to exploit that very same issue to potentially infiltrate your home or corporate network, unless you install a patch.
https://fortune.com/2020/02/05/philips-hue-smart-lights-vulnerability-flaw/
Tomi Engdahl says:
F-Secure just made an unhackable USB sized computer
https://www-trustedreviews-com.cdn.ampproject.org/c/s/www.trustedreviews.com/news/f-secure-just-made-an-unhackable-usb-sized-computer-3982479/amp
Hardware security specialists at F-Secure have created an USB sized computer that’s super secure.
The stick is called the ‘USB armory Mk II’ and it’s one of the world’s smallest computers. It packs security from the ground up and is suitable for a wide range of applications and computing tasks, including cryptocurrency wallets, secure authentication and hardware security modules.
Andrea Barisani, Head of Hardware Security at F-Secure, added: “We routinely provide our customers with security reviews and security engineering services, which makes us both breakers and makers of technology. This gives us the ability to provide state-of-the-art security in our consulting practice. The USB armory’s hardware and software implementation clearly demonstrates this…
Tomi Engdahl says:
Netgear’s routerlogin.com HTTPS cert snafu now has a live proof of concept
And the company reaction is: not even ‘meh’
https://www.theregister.co.uk/2020/02/12/netgear_router_https_cert_poc/
An infosec researcher has published a JavaScript-based proof of concept for the Netgear routerlogin.com vulnerability revealed at the end of January.
Through service workers, scripts that browsers run as background processes, Rashid Saleem reckons he can exploit Netgear routers to successfully compromise admin panel credentials.
There’s just one catch: for Saleem’s method to work, the target has to try to log into their home router after connecting to a compromised Wi-Fi point and downloading malware.
By loading a malicious service worker for the domain routerlogin.com – the default admin panel address for Netgear consumer routers – Saleem said it is possible for a bad actor to capture and read the login credentials by executing a classic man-in-the-middle attack.
As we reported in January, Netgear was bundling valid, signed TLS certificates along with private keys embedded in firmware that anyone could freely download.
https://www.theregister.co.uk/2020/01/20/netgear_exposed_certificates/
Tomi Engdahl says:
Researcher discovers active backdoor mechanism in many IoT products
https://www.gizmochina.com/2020/02/07/researcher-says-backdoor-mechanism-still-active-in-many-iot-products/
Security researcher Vladislav Yarmak has published details about a backdoor mechanism he discovered in Xiongmai firmware, used by millions of smart devices across the globe, such as security cameras, DVRs, NVRs, and others. A firmware fix is not currently available as Yarmak did not report the issue to the company, citing a lack of trust in the vendor to properly fix the issue.
Tomi Engdahl says:
IoT Security: How to Search for Vulnerable Connected Devices
https://pentestmag.com/iot-security-how-to-search-for-vulnerable-connected-devices/
Tomi Engdahl says:
Virtual Peephole © GPL3+
Spy on cameras around the world.
https://create.arduino.cc/projecthub/carolinebuttet/virtual-peephole-355c1c
There are an estimated 770 million surveillance cameras around the world. Some of them still have their default password, making them easily accessible, by anyone who has an internet connection.
This virtual peephole is a device to watch some of those unsecured cameras. Each time the peephole is opened, a different camera is shown.
Tomi Engdahl says:
Ultrasonic bracelet jams the microphones around you
https://www.engadget.com/2020/02/15/ultrasonic-microphone-jamming-bracelet/
Tomi Engdahl says:
Mismanagement of Device Identities Could Cost Businesses Billions: Report
https://www.securityweek.com/mismanagement-device-identities-could-cost-businesses-billions-report
The cost of poorly protected device identities has long been assumed, but not proven, to be large. Specification of the part played by SSH abuse within a breach report is rare despite compromised machine identities being used by attackers to hide their malicious activity, evade security controls and steal a wide range of confidential data.
Now risk modeling and data analytics specialist AIR Worldwide has applied its expertise to assessing the cost of poorly protected device credentials. In a report sponsored by cryptographic key and digital certificate management firm Venafi, AIR Worldwide suggests the cost to U.S. business is between $15 billion and $21 billion; or between 9% to 13% of the total U.S. economic loss caused by cyber events (estimated to be $163 billion).
Tomi Engdahl says:
https://ics-radar.shodan.io/
Tomi Engdahl says:
Deviceplane wants to bring over-the-air updates to Linux edge devices | TechCrunch
https://techcrunch.com/2020/02/24/deviceplane-wants-to-bring-over-the-air-updates-to-linux-edge-devices/
Tomi Engdahl says:
https://www.eetimes.com/addressing-challenges-of-medical-electronics/
Tomi Engdahl says:
Hyperscale Requires Security Processors
https://www.eetimes.com/hyperscale-requires-security-processors/
. To meet the security demands of today’s hyperscale, hyperconnected, and hyperspeed requirements, we need security devices designed to keep up. Some of the critical use cases for such development include:
Big Data modeling computations that require securing massive amounts of data (>1TB) being delivered through 100G interfaces (also known as elephant flows) at network speeds to speed up discoveries
Real time inspection of massively scalable internet services that need to encrypt data at ultra-high rates across multiple 100G interfaces to comply with regulatory data privacy requirements
Securing dynamic online gaming and e-commerce sites that offload hyperscale traffic bursts to hardware, while supporting millions of computations per second to maintain user experience and customer loyalty
Protecting financial transactions that require single-digit microsecond latency, especially in high frequency trading environments to optimize investment decisions
The ability to scale security to support new 5G networks that need to support carrier-grade Network Address Translation in real time and enable rich multi-media content on mobile devices
Tomi Engdahl says:
Unsupported, Unpatched: New Windows Security Holes
https://www.eetimes.com/unsupported-unpatched-new-windows-security-holes/
Many generations of older Windows systems are still widely used in industrial Internet of things (IIoT) and industrial control system (ICS) installations. The fact that Windows 7 reached end-of-life last month only broadens the already-vulnerable attack surfaces of IIoT and ICS networks and gives hackers even greater opportunity to infect them with malware and disrupt operations.
Tomi Engdahl says:
Don’t worry, Alexa and friends only record you up to 19 times a day
https://www.zdnet.com/article/dont-worry-alexa-and-friends-only-record-you-up-to-19-times-a-day/
Have you ever wondered how often your smart speaker accidentally activates itself? A study from Northeastern University tried to find out.
Tomi Engdahl says:
Pay Now (Security) or Pay Later (Cyber Attacks)
Smart silicon chips have enabled the connected IoT world but, with security as an afterthought, the future is less smart.
https://www.designnews.com/cyber-security/pay-now-security-or-pay-later-cyber-attacks/66596867362405?ADTRK=InformaMarkets&elq_mid=12441&elq_cid=876648
We live in the era of smart silicon, where complex system-on-chips (SoCs) connect to the cloud and communicate with one another. These silicon, processor based SoCs have been implemented in almost every kind of IoT sensor, device, system and edge and cloud networks. Thanks to the connectivity enabled by smart silicon, we now have silicon talking to silicon.
But this connectivity and resulting convenience comes at a cost, namely, easy access to cyber-attackers. Remember the Mirai botnet that resulted in a denial of service attach (DDoS) on numerous DNS servers that shut down the east coast for a day or so? It also affected Europe. Thousands of these bots were secured in unsuspecting places like consumer devices like picture frames, roof-top weather monitors, smart lightbulbs, appliances and the like. These bots all reported to a bot-master who controlled the timing and location of the attacks.
Tomi Engdahl says:
How to Build a Hack-Proof Garage Door Opener
https://spectrum.ieee.org/geek-life/hands-on/how-to-build-a-hackproof-garage-door-opener
Tomi Engdahl says:
IoT Security: How to Search for Vulnerable Connected Devices
https://pentestmag.com/iot-security-how-to-search-for-vulnerable-connected-devices/
When you read news about recently discovered vulnerabilities or watch video presentations from conferences like Defcon, you may get the impression that these days everything is connected to the Internet and can be easily hacked. Security media outlets often stress that today IoT hacking does not require either high qualifications or specialized equipment. Let’s find out whether this is really true.