IoT

Smashing Security podcast #111: When rivals hack, and ‘extreme’ baby monitors

Why a business spat resulted in Liberia falling off the internet, how the US Government shutdown is impacting website security, and the perplexing world of extreme IoT devices.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Zoë Rose.

Spooked by a speaking security camera? Polite hacker tells owner how to fix his IoT security

The “white hat” hacker, who claimed to be part of a group calling itself the “Anonymous Calgary Mindhive”, said it hadn’t been hard for him to hijack control of a man’s Nest security camera.

Read more in my article on the Bitdefender Box blog.

Smashing Security podcast #100: IoT failures, and Donald Trump dating disaster

Yes, it’s the 100th edition of the “Smashing Security” podcast.

There’s a little celebration at both ends of this week’s podcast – but the meat of the sandwich is our normal look at the security stories of the last week – including an alarming IoT failure and a dating app disaster for Donald Trump devotees.

California’s ban on weak default passwords isn’t going to fix IoT security

Getting rid of hardcoded default passwords is not enough. There is a long way to go before we can feel confident that IoT devices have become significantly safer.

Read more in my article on the Bitdefender BOX blog.

‘Peekaboo’ zero-day lets hackers view and alter surveillance camera footage

Hundreds of thousands of security cameras are believed to be vulnerable to a zero-day vulnerability that could allow hackers to spy on feeds and even tamper with video surveillance recordings.

Read more in my article on the Bitdefender BOX blog.

MadIoT: How an IoT botnet could launch a major attack on the power grid

Academic researchers claim that hackers could exploit high wattage IoT appliances such as air conditioners, heaters, and cookers, to perform attacks on the power grid.

Read more in my article on the Bitdefender BOX blog.

IoT search engine exposes passwords of over 30,000 vulnerable DVRs

A researcher has discovered that it’s easier than ever before to hack at least one brand of internet-enabled DVR, as an IoT search engine has cached their passwords within search results.

Read more in my article on the Bitdefender BOX blog.

Smashing Security podcast #084: No! My voice is not my password

Who’s been collecting the voice prints of millions of people saying “My voice is my password”? Why has it become tougher for law enforcement to scoop up cellphone data? And who’s been turning up your central heating?

All this and much much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by John Hawes from AMTSO.

Smashing Security podcast #081: Hacker no-hopers, Wessex Water has a word, and we win an award

The ‘mastermind’ behind the Owari botnet doesn’t seem to have learnt anything from his victims, someone at Wessex Water forgets to remove an embarrassing sentence from a letter sent to customers, and we’re officially the best security podcast!

All this and much much more is discussed in the latest edition of the “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, with cameo appearances by John Hawes, John Leyden, Paul Ducklin, and Mikko Hyppönen.

The NSA wants its algorithms to be a global IoT standard. But they’re simply not trusted

Part of the concern is that the Simon and Speck algorithms might contain encryption backdoors that would be abused by US authorities.

Read more in my article on the Bitdefender Box blog.

Too many IoT smartphone apps making life easy for online criminals

Warnings have been raised again about the security of the smartphone apps used to control IoT devices, with many found to be lacking elementary security and privacy measures.

Read more in my article on the Bitdefender Box blog.

Hacking these IoT baby monitors is child’s play, researchers reveal

Austrian security researchers have this week warned about the latest baby monitor affected by critical security vulnerabilities which raise very real privacy concerns.

Read more in my article on the Bitdefender Box blog.

The Mirai botnet: three men plead guilty after weaponizing the Internet of Things

The Mirai botnet launched an attack on the internet, the scale of which had never been seen before.

And now some of its perpetrators have admitted their criminal involvement.

Read more in my article on the Tripwire State of Security blog.

Reaper IoT botnet could be more devastating than Mirai

Think the Mirai botnet which launched a DDoS attack that knocked major websites offline last year was bad?

It’s possible that you ain’t seen nothing yet.

Read more in my article on the Bitdefender Box blog.

Dnsmasq vulnerability puts home routers and IoT devices at risk

Vulnerability researchers at Google have uncovered exploitable software flaws in code running on internet-connected devices that could allow a malicious hacker to run remotely any code of their choosing.

Read more in my article on the Bitdefender Box blog.

Budding malware author uses same Skype ID across job applications and IoT botnet ads

A young malware developer is using the same Skype ID for applying to jobs and advertising their Internet of Things (IoT) botnet.

David Bisson reports.