2020, Hacking, Internet and IoT - Cyber Security Informer

IoT Unravelled Part 3: Security

Troy Hunt

NOVEMBER 25, 2020

In part 1 of this series, I posited that the IoT landscape is an absolute mess but Home Assistant (HA) does an admirable job of tying it all together. As with the rest of the IoT landscape, there's a lot of scope for improvement here and also just like the other IoT posts, it gets very complex for normal people very quickly.

IoT

IoT Firmware Risk Manufacturing

SecTor 2022: The IoT Hack Lab is Back!

The State of Security

SEPTEMBER 22, 2022

Last year, it was great to be back at SecTor after everything was canceled in 2020. The capacity was reduced, but the Hack Lab was still plenty busy and we loved having everyone come by and visit our table and play with the gear. The post SecTor 2022: The IoT Hack Lab is Back! appeared first on The State of Security.

IoT

IoT Hacking Internet Internet

MY TAKE: Why companies and consumers must collaborate to stop the plundering of IoT systems

The Last Watchdog

NOVEMBER 9, 2020

The Internet of Things (IoT) has come a long, long way since precocious students at Carnegie Melon University installed micro-switches inside of a Coca-Cola vending machine so they could remotely check on the temperature and availability of their favorite beverages. The mainstreaming of IoT IoT very clearly has gone mainstream.

IoT

IoT Healthcare Internet Internet

IoT Device Takeovers Surge 100 Percent in 2020

Threatpost

OCTOBER 23, 2020

The COVID-19 pandemic, coupled with an explosion in the number of connected devices, have led to a swelling in IoT infections observed on wireless networks.

IoT

IoT Wireless Internet Internet

The Internet of Things Is Everywhere. Are You Secure?

Security Boulevard

MARCH 18, 2021

From smart homes that enable you to control your thermostat from a distance to sensors on oil rigs that help predict maintenance to autonomous vehicles to GPS sensors implanted in the horns of endangered black rhinos , the internet of things is all around you. With the increase in connected devices comes an increase in IoT attacks.

Internet

Internet Internet IoT Software

Overview of IoT threats in 2023

SecureList

SEPTEMBER 21, 2023

IoT devices (routers, cameras, NAS boxes, and smart home components) multiply every year. The first-ever large-scale malware attacks on IoT devices were recorded back in 2008, and their number has only been growing ever since. Telnet, the overwhelmingly popular unencrypted IoT text protocol, is the main target of brute-forcing.

IoT

IoT DDOS Passwords Malware

New Ttint IoT botnet exploits two zero-days in Tenda routers

Security Affairs

OCTOBER 5, 2020

Security researchers provided technical details about an IoT botnet dubbed Ttint that has been exploiting two zero-days in Tenda routers. Security researchers at Netlab, the network security division Qihoo 360, have published a report that details an IoT botnet dubbed Ttint. SecurityAffairs – hacking, Ttint botnet).

IoT

IoT Firmware DNS Advertising

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Security Affairs

OCTOBER 13, 2020

The number of sensors and smart devices connected to the internet is exponentially rising, which are the 5 Major Vulnerabilities for IoT devices. If you take a look at the global market for IoT, you can easily spot the trend. IoT devices are exposed to cybersecurity vulnerabilities. IoT is a complicated concept.

IoT

IoT Cybersecurity Manufacturing Internet

BotenaGo botnet targets millions of IoT devices using 33 exploits

Security Affairs

NOVEMBER 11, 2021

Researchers at AT&T discovered a new BotenaGo botnet that is using thirty three exploits to target millions of routers and IoT devices. BotenaGo is a new botnet discovered by researchers at AT&T that leverages thirty three exploits to target millions of routers and IoT devices. SecurityAffairs – hacking, BotenaGo).

IoT

IoT Firmware Malware Wireless

Mirai V3G4 botnet exploits 13 flaws to target IoT devices

Security Affairs

FEBRUARY 16, 2023

During the second half of 2022, a variant of the Mirai bot, tracked as V3G4, targeted IoT devices by exploiting tens of flaws. Palo Alto Networks Unit 42 researchers reported that a Mirai variant called V3G4 was attempting to exploit several flaws to infect IoT devices from July to December 2022.

IoT

IoT DDOS Encryption Malware

California’s Controversial IoT Security Bill Passes

Adam Levin

SEPTEMBER 17, 2018

The first major piece of cybersecurity legislation to address vulnerabilities in Internet of Things (IoT) devices has passed in California, and is ready to be signed into law by Governor Jerry Brown. The post California’s Controversial IoT Security Bill Passes appeared first on Adam Levin. in a released last week.

IoT

IoT Manufacturing Firewall Marketing

Episode 251: Kry10 CEO Boyd Multerer on building a secure OS for the IoT

The Security Ledger

JUNE 29, 2023

Host Paul Roberts speaks with Boyd Multerer, the CEO and founder of Kry10, which has made a secure OS for the Internet of Things. The post Episode 251: Kry10 CEO Boyd Multerer on building a secure OS for the IoT appeared first on The Security Ledger with Paul F. billion active IoT endpoints. billion active IoT endpoints.

IoT

IoT Internet Internet CSO

Mozi Botnet is responsible for most of the IoT Traffic

Security Affairs

SEPTEMBER 20, 2020

The Mozi botnet accounted for 90% of the IoT network traffic observed between October 2019 and June 2020, IBM reported. Mozi is an IoT botnet that borrows the code from Mirai variants and the Gafgyt malware , it appeared on the threat landscape in late 2019. SecurityAffairs – hacking, Mozi botnet). Pierluigi Paganini.

IoT

IoT DDOS Architecture Passwords

Critical Success Factors to Widespread Deployment of IoT

Thales Cloud Protection & Licensing

FEBRUARY 16, 2021

Critical Success Factors to Widespread Deployment of IoT. Digital technology and connected IoT devices have proliferated across industries and into our daily lives. Finally, IoT devices are being used extensively in smart vehicles and home appliances to provide enhanced user experiences. Threat vectors on IoT.

IoT

IoT Manufacturing Energy and Utilities Data collection

Why Healthcare IoT Requires Strong Machine Identity Management

Security Boulevard

MAY 30, 2022

Why Healthcare IoT Requires Strong Machine Identity Management. The healthcare industry has been leveraging IoT devices for years, steadily increasing its use in facilities and patient care. By 2027, the IoT in Healthcare market is expected to reach $290 billion , up from just $60 billion in 2019. brooke.crothers.

Healthcare

Healthcare IoT Manufacturing Risk

March to 5G could pile on heavier security burden for IoT device manufacturers

SC Magazine

APRIL 9, 2021

As the Department of Defense works on standards to dictate 5G rollout, security requirements may be too much for IoT manufacturers. Of course, many security hurdles for IoT device manufacturers are not specific to 5G. The Internet of Things Cybersecurity Improvement Act of 2020 , which was enacted Dec.

Manufacturing

Manufacturing IoT Firmware Architecture

CVE-2021-20090 actively exploited to target millions of IoT devices worldwide

Security Affairs

AUGUST 7, 2021

This flaw potentially affects millions of IOT devices manufactured by no less than 17 vendors, including some ISPs. . The ongoing attacks were spotted by researchers from Juniper Threat Labs , experts believe that were conducted by a threat actor that targeted IoT devices in a campaign since February. Pierluigi Paganini.

IoT

IoT Firmware Authentication Wireless

EU to Force IoT, Wireless Device Makers to Improve Security

eSecurity Planet

NOVEMBER 1, 2021

The European Union is poised to place more demands on manufacturers to design greater security into their wireless and Internet of Things (IoT) devices. has made some strides on IoT security at the federal level; it remains to be seen if the EU initiative will spur the U.S. IoT market growth. IoT Security Neglected.

Wireless

Wireless IoT Manufacturing Mobile

Kaiji, a new Linux malware targets IoT devices in the wild

Security Affairs

MAY 5, 2020

Security researchers spotted a new piece of DDoS bot dubbed Kaiji that is targeting IoT devices via SSH brute-force attacks. Last week, the popular security researcher MalwareMustDie and the experts at Intezer Labs spotted a new piece of malware dubbed Kaiji, that is targeting IoT devices via SSH brute-force attacks.

IoT

IoT Malware DDOS Advertising

Black Hat 2020: Satellite Comms Globally Open to $300 Eavesdropping Hack

Threatpost

AUGUST 6, 2020

Attackers can listen in on internet traffic for high-value targets a continent away, like shipping fleets and oil installations, using some basic home-television gear.

Hacking

Hacking Internet Internet IoT

7 Top Tips for Accelerating your IoT Projects in 2021

CyberSecurity Insiders

MARCH 25, 2021

As of the end of 2020, there were more than 26.66 billion IoT devices active across the world – a figure that is expected to grow to 75 billion by 2025. This tripling will be a phenomenal feat to achieve in the next four years and relies upon IoT projects that are currently planned or under development to mature quickly.

IoT

IoT Authentication Passwords Data collection

IoT and Machine Identity Management in Financial Services

Security Boulevard

JUNE 28, 2022

IoT and Machine Identity Management in Financial Services. How is IoT changing the financial sector? IoT has already positively impacted the financial sector and will only continue to in the future. The most notable and well-documented example of investment in the IoT infrastructure has been by retail banks.

Financial Services

Financial Services IoT Banking Retail

2020 Predictions: New Challenges for Data Privacy and the 5G Hackathon

Thales Cloud Protection & Licensing

JANUARY 14, 2020

Along with innovation and technology proliferation, new challenges that will shape business during 2020. The adoption of emerging technologies like 5G will fuel the proliferation of Internet of Things (IoT) that’s often built with only a few security controls and therefore creating a larger attack surface that enterprises have to deal with.,

Data privacy

Data privacy IoT Data breaches Surveillance

Hacking Wi-Fi networks by exploiting a flaw in Philips Smart Light Bulbs

Security Affairs

FEBRUARY 6, 2020

Security experts from Check Point discovered a high-severity flaw ( CVE-2020-6007 ) in Philips Hue Smart Light Bulbs that can be exploited by hackers to gain entry into a targeted WiFi network. SecurityAffairs – Smart Light Bulbs, hacking). ZigBee is an IEEE 802.15.4-based ” reads the report published by CheckPoint.”Our

Hacking

Hacking IoT Wireless Firmware

Researchers Warn of Flaw Affecting Millions of IoT Devices

Threatpost

AUGUST 19, 2020

A patch has been issued for the flaw in a widely-used module, and researchers are urging IoT manufacturers to update their devices ASAP.

IoT

IoT Manufacturing Internet Internet

A new Zerobot variant spreads by exploiting Apache flaws

Security Affairs

DECEMBER 22, 2022

Microsoft Threat Intelligence Center (MSTIC) researchers discovered a new variant of the Zerobot botnet (aka ZeroStresser) that was improved with the capabilities to target more Internet of Things (IoT) devices. Adopt a comprehensive IoT security solution. The IT giant is tracking this cluster of threat activity as DEV-1061.

IoT

IoT DDOS Malware Firmware

Both Mirai and Hoaxcalls IoT botnets target Symantec Web Gateways

Security Affairs

MAY 19, 2020

Experts first observed the exploitation of the flaw in the wild on April 24, 2020, as part of an evolution of the Hoaxcalls botnet that was first discovered early of April. SecurityAffairs – Symantec Web Gateways, hacking). .” Symantec pointed out that the flaw has been fixed in Symantec Web Gateway 5.2.8 Pierluigi Paganini.

IoT

IoT DDOS Authentication Advertising

Forrester: Keeping Smart Cities Safe From Hacks

Threatpost

MARCH 2, 2020

As cities grow more connected, municipal operators must deal with new risks like ransomware, IoT hacks and more.

Hacking

Hacking IoT Ransomware Risk

New Russia Malware targets firewall appliances

CyberSecurity Insiders

FEBRUARY 23, 2022

A new malware developed by Sandworm hacking group has targeted appliances that are fire walled and reports are in that the military intelligence of the Russian Federation developed the malicious software. In the first half of 2020 alone, SonicWall registered over 3.2 Now some statistic facts about malware. billion malware attacks.

Firewall

Firewall Malware IoT Software

Exclusive: Resecurity discovered 0-day vulnerability in TP-Link Wi-Fi 6 devices

Security Affairs

NOVEMBER 26, 2021

Wi-Fi 6 officially arrived in late 2019, and Wi-Fi 6 enabled hardware was released throughout 2020. Ongoing attacks were discovered by Resecurity’s researchers while monitoring the activity of a threat actor know for targeting networks and IoT devices since early October 2021. SecurityAffairs – hacking, zero-day).

IoT

IoT Wireless DDOS VPN

Interview With a Crypto Scam Investment Spammer

Krebs on Security

MAY 22, 2023

Chaput said the spammers used more than 1,500 Internet addresses across 400 providers to register new accounts, which then followed popular accounts on Mastodon and sent private mentions to the followers of those accounts. In May 2020, Zipper told another Lolzteam member that quot[.]pw A DIRECT QUOT The domain quot[.]pw

Scams

Scams DDOS Cryptocurrency Accountability

Cloudflare mitigated 2 Tbps DDoS attack, the largest attack it has seen to date

Security Affairs

NOVEMBER 15, 2021

The botnet included Internet of Things (IoT) devices and GitLab instances. The attack was launched from approximately 15,000 bots running a variant of the original Mirai code on IoT devices and unpatched GitLab instances.” SecurityAffairs – hacking, DDoS). The entire attack lasted just one minute.

DDOS

DDOS DNS IoT Internet

75% of medical infusion pumps affected by known vulnerabilities

Security Affairs

MARCH 3, 2022

“We reviewed crowdsourced data from scans of more than 200,000 infusion pumps on the networks of hospitals and other healthcare organizations using IoT Security for Healthcare from Palo Alto Networks.” Medium) 50.39% 5 CVE-2020-25165 7.5 High) 39.54% 6 CVE-2020-12040 9.8 Critical) 17.83% 7 CVE-2020-12047 9.8

Healthcare

Healthcare IoT Risk Hacking

NEW TECH: Byos pushes ‘micro segmentation’ approach to cybersecurity down to device level

The Last Watchdog

MARCH 16, 2020

Related: A use case for endpoint encryption At RSA 2020 in San Francisco recently, I learned about how something called “micro segmentation” is rapidly emerging as a viable security strategy. I had the chance to visit with Matias Katz, founder and CEO, and Ryan Bunker, business development director, at RSA 2020. I’ll keep watch.

Cybersecurity

Cybersecurity IoT Internet Internet

Threat actors exploit discontinues Boa web servers to target critical infrastructure

Security Affairs

NOVEMBER 24, 2022

The Boa web server is widely used across a variety of devices, including IoT devices, and is often used to access settings and management consoles as well as sign-in screens. Researchers at Recorded Future observed several intrusion attempts on Indian critical infrastructure since 2020 and shared IOCs related to this campaign.

IoT

IoT Firmware Software Risk

New Mirai variant includes exploit for a flaw in Comtrend Routers

Security Affairs

JULY 14, 2020

Researchers spotted a new version of the Mirai IoT botnet that includes an exploit for a vulnerability affecting Comtrend routers. Malware researchers at Trend Micro have discovered a new version of the Mirai Internet of Things (IoT) botnet that includes an exploit for the CVE-2020-10173 vulnerability impacting Comtrend routers.

IoT

IoT Advertising DDOS Authentication

Security Affairs newsletter Round 283

Security Affairs

SEPTEMBER 27, 2020

fitness chains Town Sports leaked online Group-IB detects a series of ransomware attacks by OldGremlin HOW DO PROVIDERS IMPLEMENT INTERNET BLOCKING IN BELARUS? fitness chains Town Sports leaked online Group-IB detects a series of ransomware attacks by OldGremlin HOW DO PROVIDERS IMPLEMENT INTERNET BLOCKING IN BELARUS?

IoT

IoT Banking Advertising Ransomware

150,000 Verkada security cameras hacked—to make a point

Malwarebytes

MARCH 12, 2021

Swiss hacker and member of the hacking collective “APT-69420 Arson Cats,” Tillie Kottmann, claimed credit for the Verkada hack. ” Kottmann was also credited for breaching Intel in August 2020 and Nissan Motors in January 2021. Verkada is still investigating the scale and scope of the breach. The attack.

Hacking

Hacking Surveillance Computers and Electronics Accountability

Security Affairs newsletter Round 328

Security Affairs

AUGUST 22, 2021

million customers Adobe addresses two critical vulnerabilities in Photoshop Hamburg’s data protection agency (DPA) states that using Zoom violates GDPR Kalay cloud platform flaw exposes millions of IoT devices to hack Fortinet FortiWeb OS Command Injection allows takeover servers remotely 1.9 SecurityAffairs – hacking, newsletter).

Data breaches

Data breaches Mobile Ransomware DNS

The Internet of Things: Security Risks Concerns

Spinone

MARCH 17, 2018

The Internet of Things (IoT) is a term used to describe the network of interconnected electronic devices with “smart” technology. billion “things” connected to the Internet , a 30% increase from 2015. billion “things” connected to the Internet , a 30% increase from 2015.

Internet

Internet Internet Risk Computers and Electronics

Flaws in Wyze cam devices allow their complete takeover

Security Affairs

MARCH 31, 2022

The flaws were reported to Wyze in May 2019, the company addressed the CVE-2019-9564 and CVE-2019-12266 flaws in September 2019 and November 2020, respectively. SecurityAffairs – hacking, Wyze cam devices). An attacker could chain the above issue with the CVE-2019-12266 flaw to access live audio and video feeds. Pierluigi Paganini.

IoT

IoT Firmware Marketing Authentication

Router security in 2021

SecureList

JUNE 8, 2022

A router is a gateway from the internet to a home or office — despite being conceived quite the opposite. Routers are forever being hacked and infected, and used to infiltrate local networks. During 2020 and 2021, more than 500 router vulnerabilities were found. search results for “default password” in June 2021.

DDOS

DDOS Passwords IoT Firmware

Cyberium malware-hosting domain employed in multiple Mirai variants campaigns

Security Affairs

JUNE 15, 2021

A new variant of the Mirai botnet, tracked as Moobot, was spotted scanning the Internet for vulnerable Tenda routers. Researchers from AT&T Alien Lab have spotted a new variant of the Mirai botnet, tracked asu Moobot, which was scanning the Internet for the CVE-2020-10987 remote code-execution (RCE) issue in Tenda routers.

Malware

Malware Internet Internet DDOS

NurseryCam daycare cam service shut down after security breach

Security Affairs

FEBRUARY 23, 2021

Daycare camera product NurseryCam was hacked last week, the company was forced to shut down its IoT camera service. In response to the incident, the company shut down its IoT camera service on Saturday and reported the security breach to the parents. SecurityAffairs – hacking, IoT). Pierluigi Paganini.

IoT

IoT Data breaches Hacking Accountability

IoT Unravelled Part 3: Security

SecTor 2022: The IoT Hack Lab is Back!

Trending Sources

MY TAKE: Why companies and consumers must collaborate to stop the plundering of IoT systems

IoT Device Takeovers Surge 100 Percent in 2020

The Internet of Things Is Everywhere. Are You Secure?

Overview of IoT threats in 2023

New Ttint IoT botnet exploits two zero-days in Tenda routers

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

BotenaGo botnet targets millions of IoT devices using 33 exploits

Mirai V3G4 botnet exploits 13 flaws to target IoT devices

California’s Controversial IoT Security Bill Passes

Episode 251: Kry10 CEO Boyd Multerer on building a secure OS for the IoT

Mozi Botnet is responsible for most of the IoT Traffic

Critical Success Factors to Widespread Deployment of IoT

Why Healthcare IoT Requires Strong Machine Identity Management

March to 5G could pile on heavier security burden for IoT device manufacturers

CVE-2021-20090 actively exploited to target millions of IoT devices worldwide

EU to Force IoT, Wireless Device Makers to Improve Security

Kaiji, a new Linux malware targets IoT devices in the wild

Black Hat 2020: Satellite Comms Globally Open to $300 Eavesdropping Hack

7 Top Tips for Accelerating your IoT Projects in 2021

IoT and Machine Identity Management in Financial Services

2020 Predictions: New Challenges for Data Privacy and the 5G Hackathon

Hacking Wi-Fi networks by exploiting a flaw in Philips Smart Light Bulbs

Researchers Warn of Flaw Affecting Millions of IoT Devices

A new Zerobot variant spreads by exploiting Apache flaws

Both Mirai and Hoaxcalls IoT botnets target Symantec Web Gateways

Forrester: Keeping Smart Cities Safe From Hacks

New Russia Malware targets firewall appliances

Exclusive: Resecurity discovered 0-day vulnerability in TP-Link Wi-Fi 6 devices

Interview With a Crypto Scam Investment Spammer

Cloudflare mitigated 2 Tbps DDoS attack, the largest attack it has seen to date

75% of medical infusion pumps affected by known vulnerabilities

NEW TECH: Byos pushes ‘micro segmentation’ approach to cybersecurity down to device level

Threat actors exploit discontinues Boa web servers to target critical infrastructure

New Mirai variant includes exploit for a flaw in Comtrend Routers

Security Affairs newsletter Round 283

150,000 Verkada security cameras hacked—to make a point

Security Affairs newsletter Round 328

The Internet of Things: Security Risks Concerns

Flaws in Wyze cam devices allow their complete takeover

Router security in 2021

Cyberium malware-hosting domain employed in multiple Mirai variants campaigns

NurseryCam daycare cam service shut down after security breach

Stay Connected