IoT, internet of things news & analysis | SC Media

IoT News and analysis

Lucky break: Cracked windshield helps hacker find bug in Tesla

Hackers typically crack software, but web application security researcher Sam Curry quite literally cracked his Tesla Model 3 and discovered a vulnerability that earned him a hefty reward from the car maker’s bug bounty program. After a rock bounced up and damaged the windshield of Curry’s very own Model 3, the seemingly unlucky happenstance actually…

Dire straights: Glamoriser smart hair straighteners susceptible to hacking, warn researchers

Here’s some news that might curl your hair: A pen testing firm has disclosed a vulnerability in the Glamoriser smart hair straightener that could allow attackers to easy gain control of the device and perhaps create a fire hazard. The problem involves the Bluetooth Low Energy connection that the straightener uses to communicate with mobile…

D-Link agrees to overhaul security in FTC settlement

D-Link agreed to make several security enhancements that overhaul the firm’s security platform to settle a Federal Trade Commission (FTC) litigation case concerning allegations that the company misrepresented the security of its products.  The case stems from a 2017 complaint against D-Link for the company’s routers and IoT cameras leaving sensitive consumer information, including live…

Unlucky 13: Mirai variant uses baker’s dozen of exploits to compromise IoT devices

Researchers at Trend Micro have discovered another new variant of Mirai botnet malware that uses a unique combination of 13 exploits designed to hijack IoT devices. With these 13 exploits, this “Backdoor.Linux.MIRAI.VWIPT” variant is capable of targeting Vacron network video recorders, Dasan GPON routers, D-Link devices, various CCTV-DVR vendors, devices using Realtek SDK with the…

IOT2

Uptick in IoT related data breaches as unsecured devices increase

A recent  Ponemon Institute study found, there has been a dramatic increase in IoT-related data breaches specifically due to an unsecured IoT device or application since 2017. The study found these breaches account for 26 percent of incidents, up from 15 percent, although the actual number may be greater as most organizations aren’t aware of…

Three serious vulnerabilities found in PrinterLogic software

The current and older versions of PrinterLogic Print Management Software contain three high-severity vulnerabilities that would-be attackers could exploit to reconfigure the software and remotely execute code. According to a security advisory from the CERT/CC at Carnegie Mellon University’s Software Engineering Institute, the PrinterLogic agent fails to properly validate the PrinterLogic management portal’s SSL certificate…

Flawed P2P technology threatens millions of IoT devices

At least two million internet-connected devices featuring the peer-to-peer (P2P) communications technology iLnkP2P contain two major security flaws that could allow malicious actors to discover the products online, snoop on them and hijack them. Security researcher Paul Marrapese discovered the issue in hundreds of brands of security cameras, baby monitors, smart doorbells and digital video…

Chucky is a rogue IoT device in latest Child’s Play trailer

The most recent iteration of the Child’s Play franchise features the murderous doll Chucky as a rogue IoT device gone mad. The new film’s trailer features Chucky connected to the “Buddi” platform which allows users to control all of their connected home devices including various electronics, toys, and anything else that can be forged into…