IoT News, Articles and Updates

Brazilian banking customers targeted by IoT DNS hijacking attacks

Attackers launched a DNS hijacking campaign targeting Brazilian bank customer credentials through the end-user IoT devices.

Black Hat USA 2018: Car hackers Miller and Valasek now using their skills for good

The old phrase that it's hard to teach an old dog new tricks may not be as accurate as one might have thought, as the notorious car hackers Charlie Miller and Chris Valasek gave a talk this week at Black Hat 2018 about how to properly secure autonomous vehicles from cyberattacks.

Cyberattacks soared in Finland prior to Trump-Putin summit; IoT devices a major target

Cyberattacks against Finland skyrocketed in the days leading up to the July 16 Helsinki summit between Donald Trump and Vladimir Putin -- the majority of which were attempts to brute force IoT devices.

Dasan and D-Link routers targeted by apparent botnet in new wave of exploit attacks

An apparent botnet comprised of more than 3,000 separate source IPs generated a large, sudden spike in exploit attacks on July 19, targeting D-Link 2750B and certain Dasan GPON (Gigabit Passive Optical Network) small and home office routers.

Ukrainian officials blame Russia for VPNFilter attack on chlorine plant

The Ukrainian Secret Service is blaming Russian intelligence for an attack it blocked that was launched upon a chlorine distillation plan in the Dnipropetrovsk region using VPNFilter malware.

Bot infects connected devices with miner linked to Chinese money scam site

Researchers have uncovered a malware bot that infects Linux-based servers and connected devices with a cryptominer that appears to transfer funds to the operators of a Chinese money-making scam website.

FTC pushes IoT security to NTIA working group

The FTC acknowledged the "enormous benefits" of IoT and called for "reasonable steps" to bolster security and privacy.

Tapplock Smart locks found to be physically and digitally vulnerable

Tapplock Smart locks contain several physical and digital vulnerabilities, each of which could allow an attacker to crack the lock with some attacks taking as little as two seconds to execute.

Microsoft Cortana vulnerability patched

One vulnerability patched by Microsoft yesterday fixes an elevation of privilege issue in its Cortana voice assistant when used in a Windows 10 device.

U.S. issues sanctions on Russian firms, citizens for NotPetya and other cyberattacks

The U.S. Treasury Department issued sanctions Monday against five Russian companies and three citizens for providing material and technical support to the Russian Federation government for the NotPetya and other cyberattacks.

MIT researchers develop frequency-hopping transmitter that fends off attackers

Academic researchers say they have invented a transmitter that can secure billions of Internet of Things products by individually scattering each bit of data that a device wirelessly sends out onto different radio frequency channels, thus preventing attackers from intercepting a full packet and manipulating its data.

Face, iris scanners gaining ground on fingerprint readers as a security measure

The biometric side of the cybersecurity equation is getting ready to put fingerprint readers in its rear-view mirror as newer technologies coming into the market prove more capable.

Flaws in smart pet devices, apps could come back to bite owners

The secret lives of pets -- and their owners -- may not be so secret anymore if attackers take advantage of the dozen vulnerabilities that researchers recently observed while analyzing smart devices used to track animals and their activity.

Mirai-variant attack launched from Mexico

A pair of Trend Micro research teams has detected and done a quick cyber autopsy on a new Mirai-like attack that popped up in Mexico earlier this month targeting Gigabit Passive Optical Network (GPON) home routers and IP webcams.

Report: Ring updates smart doorbell app due to risky password change process

Home security product manufacturer Ring reportedly made changes to its smart doorbell system last January after learning that the product's app was not automatically logging off users from their accounts after they changed their passwords.

Doctors at RSA simulate emergency overdose caused by hacked medical pump

Doctors at RSA on Thursday presented a riveting simulation of a health care emergency caused by a medical device hack -- showing that physicians' trust in the integrity of their equipment can be misplaced.

Proof-of-concept ransomware attack transforms robots into extortionists

Researchers from IOActive have developed a proof-of-concept attack that turns ordinarily benevolent robots into malicious, money-grubbing automatons who demand bitcoin as a ransom payment.

Interpol warns IoT devices at risk

Interpol recently drew 43 investigators and digital forensics pros from 23 countries together for its Digital Security Challenge - one in which a cyberattack is launched from a hacked IoT device, a webcam.

FYI, the OMG Mirai botnet variant turns IoT devices into proxy servers

A newly discovered variant of Mirai botnet malware forces infected devices to act as proxy servers capable of protecting the anonymity of cybercriminals engaging in illegal activities.

APIs in Samsung, Roku devices unsecure: Consumer Reports

Several Smart TVs from Samsung and others using the Roku TV platform, as well as media players from that company, are susceptible cyberattacks, according to Consumer Reports, a claim denied vehemently by Roku.

Consumers worry about their data, but don't bother much with security

A recent worldwide consumer survey found a major disconnect between general fears about cybersecurity and the actions taken to protect not only their personal information, but their families from cyberattacks.

Privacy of location tracking device owners threatened by 'Trackmageddon' flaws

A slew of online services used to manage GPS- and GSM-based location tracking devices have been found vulnerable to flaws that could allow attackers to hijack these devices and reveal their owners' past and current locations.

Malware behind Satori botnet posted to Pastebin

The code that exploits a flaw in Huawei a router that enables these devices to be turned into botnets to push Satori and Brickerbot has been publicly posted on Pastebin.

Report: Internet-Connected Speakers Can Lead to a Broken Record

Music lovers connected to wireless, Internet-connected Sonos speakers beware that their audio systems could have been unwittingly usurped for nefarious purposes, according to a new report from Trend Micro.

BrickerBot creators announce retirement from active operations

The individual, or people, behind the BrickerBot malware attacks have decided to hang up their mouse and keyboard after claiming to have locked more than 10 million supposedly unsecure Internet of Things devices.