Threatpost

SEPTEMBER 17, 2018

Firmware used in up to 800,000 CCTV cameras open to attack thanks to buffer overflow zero-day bug.

Surveillance 88

Surveillance Firmware IoT Hacking 88

CyberSecurity Insiders

JUNE 29, 2021

A recent study made by Nozomi Networks, a security company that offers solutions for IoT products has discovered that millions of connected cameras are on the verge of being hijacked by cyber crooks through a vulnerability. US Cybersecurity and Infrastructure Security Agency issued a warning recently and assigned a 9.1

Firmware 85

Firmware IoT Surveillance Manufacturing 85

Security Affairs

APRIL 2, 2022

The threat actors added TOTOLINK exploits just a week after the exploit codes were publicly released on GitHub in the attempt to compromise the largest number of devices as possible before the owners upgrade to the latest firmware releases. TOTOLINK has already addressed these flaws with the release of new firmware for vulnerable devices.

DDOS 98

DDOS Firmware Surveillance IoT 98

SecureList

JUNE 20, 2023

The findings of the study reveal a number of serious security issues, including the use of hard-coded credentials, and an insecure firmware update process. We later managed to extract the firmware from the EEPROM for further static reverse engineering. Further hardware analysis of the circuit board helped us identify chips.

Firmware 107

Firmware Passwords Manufacturing Mobile 107

ForAllSecure

APRIL 22, 2021

It seems everything smart is hackable, with IoT startups sometimes repeating security mistakes first made decades ago. The next day I cut the string, There's a parallel here to IoT light bulbs that change colors. And what then are the tools and knowledge that you need to get started hacking IoT devices. Funny thing.

IoT 52

IoT Hacking Internet Internet 52

ForAllSecure

APRIL 22, 2021

It seems everything smart is hackable, with IoT startups sometimes repeating security mistakes first made decades ago. The next day I cut the string, There's a parallel here to IoT light bulbs that change colors. And what then are the tools and knowledge that you need to get started hacking IoT devices. Funny thing.

IoT 52

IoT Hacking Internet Internet 52

Security Affairs

APRIL 13, 2022

Researchers at healthcare IoT security firm Cynerio discovered a collection of five vulnerabilities impacting TUG autonomous mobile robots, collectively named JekyllBot:5 , that could be exploited by remote attackers to hack the devices. .”

Mobile 111

Mobile Hacking Firmware Surveillance 111

Security Affairs

JULY 25, 2018

AVTech is one of the world’s leading CCTV manufacturers, it is the largest public-listed company in the Taiwan surveillance industry. EliteLands is using a 2-years old exploit that could be used to trigger tens of well-known vulnerabilities in the AVTech firmware.

Firmware 69

Firmware Passwords Advertising IoT 69

The Security Ledger

DECEMBER 19, 2023

Security researcher and IoT hacker Dennis Giese talks about his mission to liberate robot vacuums from the control of their manufacturers, letting owners tinker with their own devices and - importantly - control the data they collect about our most intimate surroundings. Forget the IoT. Read the whole entry. »

IoT 75

IoT Internet Internet Manufacturing 75

Security Affairs

JULY 20, 2018

Positive Technologies discovered two flaws affecting Dongguan Diqee 360 smart vacuums that can be used to perform video surveillance. “Like any other IoT device, these robot vacuum cleaners could be marshalled into a botnet for DDoS attacks, but that’s not even the worst-case scenario, at least for owners. .”

Firmware 67

Firmware Surveillance Technology Authentication 67

Security Affairs

DECEMBER 29, 2019

IoT vendor Wyze announced that one of its servers exposed the details of roughly 2.4 IoT vendor Wyze announced that details of roughly 2.4 The incident was independently verified by the authors of the blog IPVM that focuses on video surveillance products. million customers. million customers were accidentally exposed online.

IoT 96

IoT Accountability Advertising Wireless 96

eSecurity Planet

SEPTEMBER 9, 2024

The potential for cyberattacks increases with industrial control systems becoming more interconnected through the Internet of Things (IoT) and cloud-based systems. Patch management: Keeping software and firmware up to date to close security gaps. What is the Importance of Cybersecurity in an Industrial Control System (ICS)?

Firmware 111

Firmware Encryption Manufacturing Risk 111

Pen Test

OCTOBER 12, 2023

Criminals may use hijacked drones for illegal surveillance, smuggling, or even as weapons. It's suitable for resource-constrained RF devices, making it a popular choice for low-power IoT applications. What are the common firmware and software vulnerabilities in RF devices that can be exploited?

Encryption 52

Encryption Firmware Surveillance Technology 52

Security Affairs

JULY 23, 2018

Both vulnerabilities effects Sony IPELA E series G5 firmware 1.87.00, the tech giant released an update last week to address them. This means that the attacker can provide content to trigger the stack-based buffer overflow that could allow the attacker to remotely execute commands on the affected device.

Advertising 82

Advertising Firmware Hacking Surveillance 82

Security Affairs

OCTOBER 10, 2018

Millions of Xiongmai video surveillance devices can be easily hacked via cloud feature, a gift for APT groups and cyber crime syndicates. The flaws reside in a feature named the “XMEye P2P Cloud” that is enabled by default which is used to connect surveillance devices to the cloud infrastructure. Pierluigi Paganini.

Surveillance 108

Surveillance Hacking Firmware Manufacturing 108

ForAllSecure

OCTOBER 5, 2021

In 2016, the Mirai IoT botnet shut down part of the internet, yet variations still plague us today. Maybe our current approach to IoT botnets isn’t working? They spoke at BlackHat USA 2021 where they launched a new tool to find IoT based CnC servers. Clearly, there needs to be another approach. Davanian: This is Ali.

IoT 52

IoT DDOS Malware Internet 52

eSecurity Planet

JULY 8, 2024

These vulnerabilities affected diverse areas, including network infrastructure, software libraries, IoT devices, and even CPUs. Traeger addressed unauthorized controls on IoT grills before July 4th. To protect your network devices from potential risks, apply patches on a regular basis and keep their firmware up to date.

Risk 64

Risk Authentication Firmware Surveillance 64

SecureList

NOVEMBER 14, 2022

The cyber-offense ecosystem still appears to be shaken by the sudden demise of NSO Group; at the same time, these activities indicate to us that we’ve only seen the tip of the iceberg when it comes to commercial-grade mobile surveillance tooling. The first one, in January, was MoonBounce ; the other was CosmicStrand in July 2022.

Firmware 130

Firmware Surveillance Mobile Telecommunications 130

eSecurity Planet

MARCH 4, 2024

The fix: To eliminate malware infections, perform a factory reset, upgrade to the latest firmware, change all default usernames and passwords, and adjust firewall rules to block exposure to unwanted remote management services. The fix: Update libraries and instances to versions patched after February 8, 2024. and a medium (CVSS 4.3)

IoT 119

IoT Internet Internet Ransomware 119

CyberSecurity Insiders

SEPTEMBER 24, 2021

China-based video surveillance related product offering company Hikvision has issued a security advisory saying that all those using their security cameras and NVRs must know a critical vulnerability on its devices that could allow hackers to take control of the cameras and use them as bots to launch DDoS or other related attacks.

Surveillance 96

Surveillance Firmware DDOS IoT 96