SafeUM
Home Blog Services Download Help About Recharge

Axarhöfði 14, 110 Reykjavik, Iceland

Iceland - 2015
SafeUM
Blog
Services
Download
Help
About
Recharge
Menu
Archive
#Internet of Things
3 Aug 2017

Exposed IoT servers let hackers unlock prison cells, modify pacemakers

Lucas Lundgren sat at his desk as he watched prison cell doors hundreds of miles away from him opening and closing. He could see the various commands floating across his screen in unencrypted plain text.

"I could even issue commands like, 'all cell blocks open'," he said in a phone call last week. Without being there, he couldn't know for sure if his actions would've had real-world consequences. "I'd probably only know by reading about it in the newspaper the next day," said Lundgren, a senior security consultant at IOActive. It's because those cell doors are controlled by a little-known but popular open-source messaging protocol known as MQTT.

Read more
Tags:
information leaks Internet of Things
Source:
ZDNet
1610
27 Jul 2017

Your Roomba may be mapping your home, collecting data that could be sold

Your Roomba may be vacuuming up more than you think. High-end models of Roomba, iRobot’s robotic vacuum, collect data as they clean, identifying the locations of your walls and furniture.

This helps them avoid crashing into your couch, but it also creates a map of your home that iRobot is considering selling to Amazon, Apple or Google. Colin Angle, chief executive of iRobot, told that a deal could come in the next two years, though iRobot said in a statement on Tuesday: “We have not formed any plans to sell data.” In the hands of a company like Amazon, Apple or Google, that data could fuel new “smart” home products.

Read more
Tags:
surveillance trends Internet of Things information leaks
Source:
The New York Times
1492
19 Jul 2017

Devil's Ivy vulnerability could afflict millions of IoT devices

The security woes of the internet of things stem from more than just connecting a bunch of cheap gadgets to a cruel and hacker-infested internet. Often dozens of different vendors run the same third-party code across an array of products.

That means a single bug can impact a startling number of disparate devices. Or, as one security company's researchers recently found, a vulnerability in a single internet-connected security camera can expose a flaw that leaves thousands of different models of device at risk. On Tuesday, the internet-of-things-focused security firm Senrio revealed a hackable flaw it's calling "Devil's Ivy."

Read more
Tags:
Internet of Things information leaks
Source:
Wired
1315
17 Jul 2017

Multiple vulnerabilities found in connected IoT home security device

Security researchers have discovered a number of vulnerabilities in an internet-enabled burglar alarm that could see the device being remotely switched off by an attacker.

According to a blog post, Ilia Shnaidman, head of security research at Bullguard, said that the discovery of multiple flaws in iSmartAlarm is another example of a poorly engineered device that offers attackers an easy target. The device, said Shnaidman, has flaws that can lead to full device compromise. The cube-shaped iSmartAlarm provides a fully integrated alarm system with siren, smart cameras and locks. 

Read more
Tags:
information leaks Internet of Things
Source:
SCMagazine
1697
13 Jul 2017

AGFEO smart home controllers need patching

Smart-home controllers from German company AGFEO have adopted best practice internet things security by offering an unsecured Web admin interface. The now-patched attack vectors included unauthenticated access to some services, authentication bypass, cross-site scripting (XSS) vulns, and hard-coded cryptographic keys.

The bugs were discovered by SEC Consult, and landed on Full Disclosure after the vendor finally released an update. The AGFEO ES 5xx and 6xx firmware has three certificates with their associated private keys, which would ultimately let an attacker get administrative credentials and do as they pleased.

Read more
Tags:
information leaks Internet of Things
Source:
The Register
1406
12 Jun 2017

The rise of the Android-powered car

Google’s thesis to the automotive industry came packaged in a red glinting Maserati Ghibli. The luxury sedan, parked outside last year’s Google I/O developer conference, might have looked like just another sports car — a ubiquitous sight in Silicon Valley. 

But what was inside captured the interest of automakers. And now, some automakers are buying into what they found, despite long-held fears of giving up too much control to outsiders like Google. “The traction we’re seeing in the car space is just ridiculous,” Patrick Brady, vice president of engineering for Android, told. “It’s surprising even to us and has caught us off guard.”

Read more
Tags:
Android trends Internet of Things
Source:
The Verge
1559
10 May 2017

Persirai: New Internet of Things botnet targets IP cameras

Security researchers have discovered a new Internet of Things botnet dubbed Persirai targeting more than 1,000 different Internet Protocol camera models. Around 120,000 IP cameras are vulnerable to the malicious malware with many unsuspecting owners unaware that their devices are exposed to the internet.

The researchers said this makes it easier for the attackers behind the new malware to infiltrate the IP camera's web interface via TCP Port 81. Once a hacker logs into the vulnerable device's interface, the attacker can then perform a command injection to force the IP camera to connect to a download site to issue commands that download and execute malicious shell scripts.

Read more
Tags:
information leaks Internet of Things trends
Source:
IBTimes
1937
28 Apr 2017

BrickerBot is a vigilante worm that destroys insecure IoT devices

A hacker called The Janitor has created multiple versions of a program called BrickerBot, a system that searches out and bricks insecure IoT devices. A researcher named Pascal Geenens has followed the worm for a few weeks and has seen it pop up and essentially destroy infected webcams and other IoT devices.

The devices all used a Linux package called BusyBox and had exposed telnet-based interfaces with default passwords. These devices were easily exploited by the Mirai botnet, which essentially turned them into denial-of-service weapons. BrickerBot finds these devices and renders them unusable.

Read more
Tags:
information leaks Internet of Things
Source:
TechCrunch
1710
28 Apr 2017

Vigilante IoT worm Hajime infects 300,000 devices

Hajime the IoT worm that's supposedly trying to block rival botnets, including the famous and mighty Mirai, has reportedly compromised some 300,000 devices already. The data shows the impressive magnitude of this worm that was apparently built by a vigilante white hat.

The rapidly spreading IoT worm fights against the likes of Mirai for control of the products, closing off some ports that are normally exploited by it. While this is great news, it's still a worrying fact that such a worm is spreading so fast because the code allows the creator to change its purpose quite easily. This means the hacker has the ability to go from white hat to black hat.

Read more
Tags:
information leaks Internet of Things hackers Mirai
Source:
Softpedia
1981
13 Apr 2017

Hackers use Mirai botnet to mine bitcoins with IoT devices

Malware which targeted IoT devices was doing more than launching DDoS attacks, researchers discovered, but they question how effective it would be. Security researchers have unearthed code in a Mirai botnet enabling it to mine for bitcoins using IoT devices.

Researchers at IBM's X-force found late last month the functionality in a variant of the ELF Linux/Mirai malware. The bitcoin attack started on 20 March, peaking on 25 March, but three days later the activity subsided. What the researchers found in a sample of the code was the same Mirai functionality ported over from the Windows version but with a focus on attacking Linux machines running BusyBox.

Read more
Tags:
information leaks DDoS Internet of Things hackers
Source:
SCMagazine
1749
SafeUM NEWS
27 Apr 2017 safeum news imgage Encrypted Group Chat
4 Apr 2017 safeum news imgage Each SafeUM user gets free anonymous phone number
10 Mar 2017 safeum news imgage SafeUM useful features to help you feel safe
28 Sep 2016 safeum news imgage Secure Messenger SafeUM
21 Jul 2015 safeum news imgage New secured zone of Google Play: secure messenger SafeUM for Android. Download, Install, Communicate
3 Apr 2015 safeum news imgage We are beginning to test SafeUM for Windows Phone
25 Feb 2015 safeum news imgage SafeUM messenger is available for public testing
20 Feb 2015 safeum news imgage Algorithms and encryption schemes used for secure messenger SafeUM
30 Jan 2015 safeum news imgage New "TOP Security!" app is on the App Store
22 Jan 2015 safeum news imgage Free "TOP Security!" app is available on Google Play
28 Oct 2014 safeum news imgage How are security keys generated in SafeUM?
19 Jun 2014 safeum news imgage SafeUM is the best messenger for data protection and information security
16 Jun 2014 safeum news imgage Become a SafeUM tester and get free PREMIUM subscription for a year
12 May 2014 safeum news imgage Why Premium secure messenger SafeUM cannot be free
25 Apr 2014 safeum news imgage Encrypted secure messaging for every mobile device
All news
First page Previous
1 2 3 4 5 6
Next Last page
SafeUM
Confidential Terms of Use Our technologies Company
Follow us
Download
SafeUM © Safe Universal Messenger

Axarhöfði 14,
110 Reykjavik, Iceland

Iceland - 2015