Instant Lockdown...
Hundreds of Internet-connected locks became inoperable last week after a faulty software update caused them to experience a fatal system error, manufacturer LockState said. The incident is the latest reminder that the so-called Internet of Things—in which locks, thermostats, and other everyday appliances are embedded with small Internet-connected computers—often provide as many annoyances as they do conveniences.
more
---
Fish Tank Phishing...
The hackers attempted to acquire data from a North American casino by using an Internet-connected fish tank, according to a report released Thursday by cybersecurity firm Darktrace.
The fish tank had sensors connected to a PC that regulated the temperature, food and cleanliness of the tank.“Somebody got into the fish tank and used it to move around into other areas (of the network) and sent out data,” said Justin Fier, Darktrace’s director of cyber intelligence.
more
---
Flatline Surfing
Over a third of IoT medical device organizations suffer security incidents... Many medical devices are not built with cybersecurity in mind, yet a survey by Deloitte Cyber Risk Services
of over 370 professionals organizations operating in the medical
device/IoT arena shows that 36.5 percent have suffered a cyber security
incident in the past year.
more
---
Wait! What? You mean they are not secure!?!?
The Department of Homeland Security (DHS) has announced a $750k
investment to develop a solution which bolsters the security of IoT
disaster sensors.
more
---
This Really Sucks
iRobot, the company that makes the adorable Roomba robots that trundle
around your home sucking up everything in their path, has revealed its
plans to sell maps of living rooms to the world's biggest tech
companies.
more
---
Car Wash Crazies
A group of security researchers have exposed the vulnerabilities in
automatic car washes and proved just how easy it can be for hackers to
target an internet-connected, drive-through car wash and damage
vehicles. Their findings showed an attacker could easily manipulate bay doors to
trap or strike vehicles in the car wash. Their findings showed an attacker could easily manipulate bay doors to
trap or strike vehicles in the car wash.
Hackers could also potentially
control the mechanical arms inside the car wash, releasing powerful
streams of water at a vehicle’s doors to prevent passengers from
leaving. more
---
IoT Army MIA
In a competition between 24 skilled cyber amateurs, IoT connected soldiers were hit by a sophisticated mock cyber attack. ...designed to secretly intercept and control communications, resulting in a loss of contact with the unit of soldiers.
more
---
Security Camera Insecurity times Millions
A flaw in a widely-used code library known as gSOAP has
exposed millions of IoT devices, such as security cameras, to a remote attack. Researchers at IoT security firm Senrio discovered the Devil's Ivy flaw, a stack buffer overflow bug, while probing the remote configuration services of the M3004 dome camera from Axis Communications... Axis Communications confirmed that 249 of its 251 surveillance camera models were affected by the flaw.
more
---
Alexa. My Wife Never Listens. Will You?
Every good paranoiac sees
an always-listening device like an Amazon Echo as a potential spy
sitting in plain sight. Now one security researcher has shown exactly
how fine the line is between countertop computer and surveillance tool.
With just a few minutes of hands-on time, a hacker could turn an Echo
into a personal eavesdropping microphone without leaving any physical
trace.
more
---
FutureWatch - Soon ALL organizations will need a good Technical Security Consultant on-call. Periodically checking for new unintentional (and intentional) security vulnerabilities is their specialty. ~Kevin