IoT, internet of things news & analysis | SC Media

IoT News and analysis

TheHackerGiraffe back in action pushing PewDiePie videos

Thousands of improperly secured Chromecasts, SmartTVs and Google home assistants are being hacked and forced to play PewDiePie’s YouTube channel by a group that claims its actions are altruistic and merely designed to show the users they have poor cybersecurity. TheHackerGiraffe group, which took responsibility for an earlier similar attack against thousands of printers, that…

lightbulbs cloud

Connected light bulbs give off more than just light

Turning on a “smart” light bulb may be the latest way people inadvertently flood the internet with their personal information. A new Symantec report has revealed that some of these connected, Wi-Fi-enabled IoT devices are unsecure and can enable a hacker to quickly come away with passwords, email addresses and other important information. While looking at some…

v2printer.jpg

Hacker forces thousands of printers to churn out PewDiePie support message

For the second time in less than three weeks, a hacker has forced thousands of internet-connected printers to spit out messages in support of Swedish video game commentator and YouTube star PewDiePie. The prankster said he (or she) is doing it to raise cybersecurity awareness, according to a BBC report, and claims he could even…

2019 cybersecurity predictions – IoT

Tim Steinkopf, president, CentrifyThe coming year will be rife with new laws related to cybersecurity and data privacy. For example, large-scale IoT hacks affect countless devices. IoT devices range from home security cameras to massive machine-to-machine industrial networks and represent a massive broadening of the potential threatscape. Statista predicts there will be more than 30…

Cryptomining campaign pulls new ‘Linux Rabbit’ malware out of its black hat

A two-month Monero cryptomining campaign targeted both Linux-based servers and Internet of Things devices with a newly discovered malware family called “Linux Rabbit,” researchers have reported. The operation occurred in two phases, each of which used a distinct version of Linux Rabbit that shares the same code base as the other iteration, according to a Dec. 6…

WirelessRouter2

IoT botnet BCMUPnP_Hunter targets routers with vulnerable UPnP feature

A large-scale botnet malware operation has been targeting router equipment running vulnerable versions of the Broadcom Universal Plug and Play (UPnP) feature. Active since at least September 2018, malicious campaign appears to be infecting devices for the likely purpose of converting them into spam bots, according to a blog post yesterday from researchers at Qihoo’s…

WirelessRouter2

Patched MikroTik router bug more dangerous than originally believed

A patched vulnerability in MikroTik routers that researchers once believed could only be exploited to read affected files turns out to be far more serious, as it can also allow attackers to write over these same files. That means the vulnerability, known as directory traversal bug CVE-2018-14847, can actually be abused to commit remote code execution,…

Lightly secured cloud, with a chance of IoT attacks

As clouds gather in the public and private sectors, the Internet of Things (IoT) – and all the devices it brings – has organized into a hurricane-sized force that challenges evolving security strategies. Earlier this year, researchers developed a Stuxnet-like malware proof-of-concept attack which they claimed could infiltrate critical infrastructure and potentially disrupt the power…

Torii malware could be gateway to more sophisticated IoT botnet attacks

Researchers have discovered yet another Internet of Things botnet derived from Mirai — but instead of conducting DDoS attacks or cryptomining like most variants, this one’s core functionality is exfiltrating information and executing malicious commands. Making matters worse, the malware’s potential target list is unusually large, considering that it supports attacks against a variety of…

Pair of surveys underscore importance of secure PKI in government, IoT

Both the federal government and Internet of Things manufacturers are facing key challenges and opportunities in regards to implementing secure Public Key Infrastructure practices for digital certificate management and encryption, according to a pair of newly published research reports. The first report, from machine identity protection company Venafi, reveals data compiled from a survey of 100 federal…

Next post in Encryption/Data Security