Architecture, Passwords and Surveillance

Million of vehicles can be attacked via MiCODUS MV720 GPS Trackers

Security Affairs

JULY 20, 2022

“These vulnerabilities could impact access to a vehicle fuel supply, vehicle control, or allow locational surveillance of vehicles in which the device is installed.” CVE-2022-2141 (CVSS score: 9.8) – Improper authentication allows a user to send some SMS commands to the GPS tracker without a password.

Manufacturing

Manufacturing Passwords Mobile Authentication

Overview of IoT threats in 2023

SecureList

SEPTEMBER 21, 2023

Attack vectors There are two main IoT infection routes: brute-forcing weak passwords and exploiting vulnerabilities in network services. A successful password cracking enables hackers to execute arbitrary commands on a device and inject malware. Unfortunately, users tend to leave these passwords unchanged.

IoT

IoT DDOS Passwords Malware

Breaking Down User Activity Monitoring Tools: Security and HR Perspectives

SecureWorld News

JANUARY 4, 2024

Databases accumulate a vast amount of sensitive information, including passwords, trade secrets, financial and personal data. Future trends in User Activity Monitoring Today, the primary challenge in adopting employee monitoring solutions is their high cost, coupled with concerns about employee demotivation due to increased surveillance.

Data collection

Data collection Artificial Intelligence Surveillance Risk

Advanced threat predictions for 2022

SecureList

NOVEMBER 17, 2021

This year, the use of surveillance software developed by private vendors has come under the spotlight, as discussed above. And now, we turn our attention to the future. Here are the developments we think we could be seeing in 2022. Private sector supporting an influx of new APT players.

Mobile

Mobile Surveillance Ransomware Government

Facebook May Have Gotten Hacked, and Maybe It’s Better We Don’t Know

Adam Levin

APRIL 8, 2019

A week after it landed with a curious (and most likely spurious) thud, Zuckerberg’s announcement about a new tack on consumer privacy still has the feel of an unexpected message from some parallel universe where surveillance (commercial and/or spycraft) isn’t the new normal.

Hacking

Hacking Data privacy Artificial Intelligence System Administration

IaaS Security: Top 8 Issues & Prevention Best Practices

eSecurity Planet

DECEMBER 19, 2023

Whether you’re a seasoned cloud expert or just starting out, understanding IaaS security is critical for a resilient and secure cloud architecture. Physical Security Measures At their data centers, IaaS companies apply stringent physical security measures such as access restrictions, surveillance, and environmental controls.

Encryption

Encryption Firewall Authentication Software

Cloud Security Fundamentals: Understanding the Basics

eSecurity Planet

MAY 24, 2024

Consider applying these methods for checking your security controls: Ensure physical security: Verify the data center’s security measures, such as surveillance, access controls, and the presence of security officers, to prevent unwanted access.

Encryption

Encryption Risk Passwords Authentication

CISSPs from Around the Globe: An Interview with James Wright

CyberSecurity Insiders

SEPTEMBER 8, 2021

I work at a Fortune 100 Media and Entertainment company operating within the Information Security Architecture and Engineering group on the Cloud Security Services team. I also work with my team on leading risk assessments, authoring position papers, security architecture evaluations, and associated risk discovery activities.

Computers and Electronics

Computers and Electronics Architecture Education Cybersecurity

A bowl full of security problems: Examining the vulnerabilities of smart pet feeders

SecureList

JUNE 20, 2023

These vulnerabilities could allow an attacker to gain unauthorized access to the device and steal sensitive information, such as video footage, potentially turning the feeder into a surveillance tool. A hard-coded root password is a significant security issue because all devices of the same model share the same root password.

Firmware

Firmware Passwords Manufacturing Mobile

What Is a SaaS Security Checklist? Tips & Free Template

eSecurity Planet

APRIL 9, 2024

Security infrastructure and redundancy: Check the vendor’s data centers, network architecture, backup and disaster recovery plans, and uptime assurances. Assess the physical security measures: Evaluate access controls, surveillance systems, and environmental controls. Teach them how to verify the sender’s address and URL.

Risk

Risk Threat Detection Data breaches Encryption

5 Major Cybersecurity Trends to Know for 2024

eSecurity Planet

DECEMBER 19, 2023

Ricardo Villadiego, founder & CEO of Lumu , expects “a significant shift towards adopting models based on passwordless architectures like Google Passkeys as the dominant authentication method to combat phishing and scam campaigns. Joe Payne, President & CEO at Code42 expects biometrics to trigger a shift to insider threats. “As

Cybersecurity

Cybersecurity CISO Government Technology

IT threat evolution Q1 2021

SecureList

MAY 31, 2021

The Apple M1, a direct relative of the processors used in the iPhone and iPad, will ultimately allow Apple to unify its software under a single architecture. Just a few months after the release of the first Apple M1 computers, malware writers had already recompiled their code to adapt it to the new architecture.

Malware

Malware Adware Encryption Architecture

The Hacker Mind: Hacking IoT

ForAllSecure

APRIL 22, 2021

It's like using a hash of your street address, as the password for your front door. The Mirai botnet contributed to a massive denial of service attack that brought parts of the Internet to a standstill, what was remarkable was that Mariah was constructed from 1000s of Internet of Things devices, namely surveillance cameras.

IoT

IoT Hacking Internet Internet

The Hacker Mind: Hacking IoT

ForAllSecure

APRIL 22, 2021

It's like using a hash of your street address, as the password for your front door. The Mirai botnet contributed to a massive denial of service attack that brought parts of the Internet to a standstill, what was remarkable was that Mariah was constructed from 1000s of Internet of Things devices, namely surveillance cameras.

IoT

IoT Hacking Internet Internet

APT trends report Q1 2022

SecureList

APRIL 27, 2022

While we were unable to obtain the same results by analyzing the CERT-UA samples, we subsequently identified a different WhiteBlackCrypt sample matching the WhisperKill architecture and sharing similar code. On February 23, ESET published a tweet announcing new wiper malware targeting Ukraine.

Malware

Malware Firmware Government Phishing

APT trends report Q3 2023

SecureList

OCTOBER 17, 2023

This strategic shift signals its intent to intensify its surveillance capabilities and expand its range of targets. In its most recent wave of attacks, BlindEagle has once again adapted, embracing yet another open-source RAT, Agent Tesla. The initial attack vector was a phishing email disguised as an email from a government entity or service.

Government

Government Malware VPN Manufacturing

The Hacker Mind Podcast: Hacking Real World Criminals Online

ForAllSecure

MAY 2, 2023

You had to figure out how to configure Kermit, get passwords to get on. Hacker was more about the pursuit of knowledge. And that pursuit of knowledge because it was harder to find things that weren't search engines. To the local facts and you had to, you know, find the guy who was a sysadmin who maybe you could, you know, get all the manuals.

Hacking

Hacking Media InfoSec Internet

EP 31: Stopping the Mirai IoT Botnet, One CnC Server At A Time

ForAllSecure

OCTOBER 5, 2021

It was for 1000s of compromised, Internet of Things, enabled devices, such as surveillance cameras, residential gateways, internet connected printers, and even in home baby monitors these devices themselves are often thought of as not having much in the way of resources, and really they don't have many computing resources.

IoT

IoT DDOS Malware Internet

Cyber Security Informer

Million of vehicles can be attacked via MiCODUS MV720 GPS Trackers

Overview of IoT threats in 2023

Trending Sources

Breaking Down User Activity Monitoring Tools: Security and HR Perspectives

Advanced threat predictions for 2022

Facebook May Have Gotten Hacked, and Maybe It’s Better We Don’t Know

IaaS Security: Top 8 Issues & Prevention Best Practices

Cloud Security Fundamentals: Understanding the Basics

CISSPs from Around the Globe: An Interview with James Wright

A bowl full of security problems: Examining the vulnerabilities of smart pet feeders

What Is a SaaS Security Checklist? Tips & Free Template

5 Major Cybersecurity Trends to Know for 2024

IT threat evolution Q1 2021

The Hacker Mind: Hacking IoT

The Hacker Mind: Hacking IoT

APT trends report Q1 2022

APT trends report Q3 2023

The Hacker Mind Podcast: Hacking Real World Criminals Online

EP 31: Stopping the Mirai IoT Botnet, One CnC Server At A Time

Stay Connected