Security researchers have discovered a glaring security hole that exposes the home network password of users of a Wi-Fi-enabled video doorbell. The issue underlines how default configurations of IoT components can introduce easy to exploit security holes.
The Ring allows punters to answer people knocking on your door from your mobile phone, even when you’re not at home. The kit acts as a CCTV camera, automatically activating if people approach your door, letting homeowners talk to visitors, delivery couriers and so on. There’s an optional feature that allows the kit to hook up to some smart door locks, so users can let guests into their home even when they aren’t in.
Read moreThe conference “Actual issues of implementing the SORM on telecommunication networks of Russia” (SORM-2015) was held on November 24, 2015 in Moscow, Russia. At this conference the issues of interaction between telecommunications companies, telecommunications operators and special services were discussed.
The reason – the launch of new technologies VoLTE and VoWiFi to make VoIP communications in 4G and Wi-Fi networks. The problem is that now the intelligence agencies have specific requirements for the system of interaction of operators with special services. But these requirements are technically obsolete, and prevent introduction of new technologies.
Read moreMattel’s latest Wi-Fi enabled Barbie doll can easily be hacked to turn it into a surveillance device for spying on children and listening into conversations without the owner’s knowledge.
The Hello Barbie doll is billed as the world’s first “interactive doll” capable of listening to a child and responding via voice, in a similar way to Apple’s Siri, Google’s Now and Microsoft’s Cortana. It connects to the internet via Wi-Fi and has a microphone to record children and send that information off to third-parties for processing before responding with natural language responses. When connected to Wi-Fi the doll was vulnerable to hacking.
Read moreThe same team of security researchers who discovered that the Wi-Fi iKettle from Smarter blurted out wireless network credentials have found cause for concern over a Wi-Fi Coffee Machine, and iKettle 2.0, from the same manufacturer.
Pen Test Partners mapped and hacked insecure connected iKettles across London, proving they can leak Wi-Fi passwords, as previously reported. Things have improved with the Wi-Fi Coffee Machine from Smarter (which is passionate about "tea, coffee and technology", according to its website) but not to the extent that it’s completely secure, according to preliminary findings from Pen Test Partners' research.
Read moreA year ago our colleague David Jacoby, a researcher at GReAT, successfully attempted to hack his own home and discovered a lot of curious things. David’s experiment inspired many employees around the world. Many employees decided to carry out the same research on their own homes.
To probe smart things for bugs, we chose several popular Internet of Things devices, such as Google Chromecast, an IP camera and a smart coffee machine and a home security system – all of which could be controlled by a smartphone or mobile app. The models and devices were chosen at random and was quite vendor agnostic.
Read moreAviation has always been focused on safety and had remained the most secure industry that ever existed. However, the buzz was about another aspect of security — the one quite surprising for an average passenger and quite expected for an IT specialist.
It’s not a secret that today’s aircraft are one huge computer, with the pilot being more of a PC operator rather than of an actual ‘ace’ pilot — he handles a single task of supervising smart machinery. An orientation pilot and a panel operator are no more, fully replaced by computers. As it turned out that those computers are as hackable as the rest.
Read moreHave you ever seen any mobile application working in the background silently even after you have uninstalled it completely? I have seen Google Photos app doing the same.
Your Android smartphone continues to upload your phone photos to Google servers without your knowledge, even if you have already uninstalled the Google Photos app from your device. Nashville Business Journal editor David Arnott found that Google Photos app uploaded all his personal photographs from the device into the service even after uninstalling it.
Read moreIn the beginning of 2015, there was a wave of publications on a handheld radar called RANGE-R that has been used by government services. The radar system is able to ‘see through the walls’, it registers motion inside closed spaces.
The existence of such a device was surprising for many journalists tasked with publishing the features of RANGE-R. These radars have long been in mass production for military and intelligence-service needs. Prior to that, the technology was only available for some governmental services. Today, the radar system is more widely used due to technological advancements that contributed to price decreases.
Read moreResearchers have unearthed dozens of Android apps in the official Google Play store that expose user passwords because the apps fail to properly implement HTTPS encryption during logins or don't use it at all.
The roster of faulty apps have more than 200 million collective downloads from Google Play and have remained vulnerable even after developers were alerted to the defects. The apps include the official titles from the National Basketball Association, the Match.com dating service and the PizzaHut restaurant chain. They were uncovered by AppBugs, a developer of a free Android app that spots dangerous apps installed on users' handsets.
Read moreIt’s common sense for Android users to check the permission list before installing an app. If the app asks for access to SMS, your contacts list or location, you know it may disclose your privacy. What if a game app only asked for the wifi_status permission?
You might install it with ease – and unknowingly have enabled 3rd parties to track your location! The Android LocationManager was considered to be the only way to acquire the location data, and required a user’s approval. However, researchers have discovered a covert channel to locate and track a user without permission by using the latent location signal disclosed by wifi scanning.
Read moreAxarhöfði 14,
110 Reykjavik, Iceland