Troy Hunt

NOVEMBER 25, 2020

In part 1 of this series, I posited that the IoT landscape is an absolute mess but Home Assistant (HA) does an admirable job of tying it all together. I also looked at custom firmware and soldering and why, to my mind, that was a path I didn't need to go down at this time. Now for the big challenge - security. Let's dive into it.

IoT 358

IoT Firmware Risk Manufacturing 358

Security Affairs

OCTOBER 5, 2020

Security researchers provided technical details about an IoT botnet dubbed Ttint that has been exploiting two zero-days in Tenda routers. Security researchers at Netlab, the network security division Qihoo 360, have published a report that details an IoT botnet dubbed Ttint. ” concludes the report. Pierluigi Paganini.

IoT 137

IoT Firmware DNS Advertising 137

SecureList

SEPTEMBER 21, 2023

IoT devices (routers, cameras, NAS boxes, and smart home components) multiply every year. The first-ever large-scale malware attacks on IoT devices were recorded back in 2008, and their number has only been growing ever since. Telnet, the overwhelmingly popular unencrypted IoT text protocol, is the main target of brute-forcing.

IoT 93

IoT DDOS Passwords Malware 93

Security Affairs

DECEMBER 24, 2018

Security researchers discovered some flaws in the Twinkly IoT lights that could be exploited display custom lighting effects and to remotely turn off them. The communications are not encrypted, however the WiFi password is sent encrypted during set up (albeit trivial to decrypt).” Pierluigi Paganini.

IoT 78

IoT Hacking DNS Authentication 78

Security Affairs

FEBRUARY 23, 2019

A user reported that its D-Link DNS-320 device was infected by malicious code. The D-Link DNS-320 model is no more available for sale, one of the members of the forum explained that the firmware of its NAS was never updated and its device was exposed to WAN through ports 8080, FTP port 21, and a range of ports for port forwarding.

Ransomware 87

Ransomware DNS Firmware Encryption 87

eSecurity Planet

MARCH 22, 2023

Similarly, spoofed domain name system (DNS) and IP addresses can redirect users from legitimate connections to dangerous and malicious websites. Some applications, cloud infrastructure, networking equipment, or Internet of Things (IoT) devices may require more sophisticated ITAM or additional tools to detect them.

Firewall 108

Firewall Network Security Penetration Testing Encryption 108

eSecurity Planet

MARCH 16, 2023

DNS attacks : DNS cache poisoning, or hijacking, redirects a legitimate site’s DNS address and takes users to a malicious site when they attempt to navigate to that webpage. This includes IoT devices. Sooner rather than later, you’ll want to perform an audit of your OT and IoT devices. Segmentation.

Network Security 108

Network Security Firewall Internet Internet 108