Smashing Security podcast #038: Gents! Stop airdropping your pics!

WannaCry hero Marcus Hutchins (aka MalwareTech) pleads not guilty to malware charges, the Scottish parliament is hit by a brute force attack, IoT smart locks aren’t so smart, and.. ahem.. someone is sending intimate pics via AirDrop to unsuspecting commuters.

All this and more is discussed in the latest edition of the “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by technology journalist Geoff White.

Hundreds of ‘smart’ locks bricked by flubbed remote update

A fouled-up over-the-air firmware update rendered hundreds of a smart lock vendor’s products unopenable.


David Bisson reports.

Millions of IoT devices at hacking risk due to flaw in open source software library

Once again questions are being asked about IOT security after it was revealed that a buggy software library is being used in millions of devices connected to the internet around the world.

Read more in my article on the Bitdefender BOX blog.

EU security body calls for a security trust mark for IoT devices

For all the excitement and buzz around the Internet of Things, spurred on by connected gadgets being sold in great numbers both online and on the high street, there is no denying that it has a serious problem.

Read more in my article on the Bitdefender Box blog.

Persirai IoT botnet threatens to hijack over 120,000 IP cameras

Internet-connected cameras around the world are once again being hijacked by malicious hackers in order to carry out distributed denial-of-service (DDoS) attacks.

Read more in my article on the Tripwire State of Security blog.

ISP brought down by warring malware families

A battle between two rival families of malware is being blamed for the downtime that a Californian ISP suffered earlier this month.

Read more in my article on the Tripwire State of Security blog.

The Hajime IoT worm fights the Mirai botnet for control of your devices

The Hajime malware is worming its way through DVRs, CCTV systems, and other poorly-protected Internet of Things (IoT) devices.

David Bisson reports.

Smart sex toy’s security flaws fulfil every hacker’s fantasy

A connectable dildo suffers from numerous vulnerabilities that make it trivial for attackers to steal users’… well, “private” data.

David Bisson reports.

Ransomware attack impacted 70% of Washington DC police surveillance cameras

Officials found 123 of 187 network video recorders capturing CCTV footage had fallen victim to two strains of ransomware.

David Bisson reports.

Kids’ privacy-endangering internet-connected toys should be banned, says EPIC

The Electronic Privacy Information Center (EPIC) is asking the FTC to ban vulnerable IoT-enabled toys from the marketplace.

David Bisson reports.

Insecure IoT gear can help hackers turn your phone into a GPS tracker

A hacker could exploit a series of vulnerabilities in Belkin home automation gear to turn your Android phone into a secret GPS tracker.

David Bisson reports.

Download the Mirai source code, and you can run your own Internet of Things botnet

Hijacking millions of IoT devices for evil just became that little bit easier.

Smart IoT socket suffers from dumb security vulnerabilities

Researchers have come across flaws in an internet-enabled power socket as part of their ongoing efforts to raise awareness about IoT security.

David Bisson reports.

The internet of insecure, untrustworthy things

Speaking on the Technical Day at Microsoft’s Future Decoded event, I had some thing to say about what we need to understand about the security of the internet of things.

Watch how hackers can disable brakes and steal your personal data

Modern cars are more and more dependent on computer systems. And guess what? They can be hacked.

Learn more in my article on the We Live Security blog.

It’s Safer Internet Day. So where is our Internet of Secure Things?

It’s Safer Internet Day. But millions of devices which have not been designed with security in mind are connecting to the internet. Shouldn’t we be able to tell the manufacturers that enough is enough?

Read more on the We Live Security blog.