iot | Page 10


This was my first time at DefCamp in Romania, and it was definitely a good experience. DefCamp was an interesting mixture of not so technical talks (but with acute insights) and technical ones. Among the "not so technical" ones, I liked the following: Do Tinder bots dream of electric toys? Tinder is a match-making/dating application. Inbar Raz decided to test it. He created a profile according to online guidelines (images with animals, images looking official, etc.) and quickly got many matches. But...it turned out that they... [Read More]
by RSS Axelle Apvrille  |  Nov 18, 2016  |  Filed in: Security Research
Besides conference sessions, DefCamp 2016 also ran various competitions in the hacking village. I wandered about the critical infrastructure area - an amazing model kit of a train, station, and solar panels all controlled by Siemens and Schneider PLCs - but mostly, of course, at the _IoT village_. Critical Infrastructure village with model kit, PLCs, and SCADA supervision monitor   At the IoT village, several connected devices were available to be hacked: web cameras, a water sensor, a coffee maker...I lost some time on the Foscam... [Read More]
by RSS Axelle Apvrille  |  Nov 17, 2016  |  Filed in: Security Research
This post originally appeared as a byline in Dark Reading. For cyber intelligence sharing to work, organizations need two things: to trust each other, and better processes to collect, exchange, and act on information quickly. As cyberthreats become more sophisticated and expand to the Cloud and the Internet of Things, the sharing of meaningful threat intel between trusted organizations has become more critical than ever before.  At Fortinet this year, our teams witnessed the benefits of info sharing first hand as part of a joint... [Read More]
by RSS Derek Manky  |  Nov 17, 2016  |  Filed in: Industry Trends
Healthcare security breaches can be extremely rewarding for cybercriminals. Read this post to find out why. [Read More]
by RSS Susan Biddle  |  Nov 08, 2016  |  Filed in: Industry Trends
This year again I attended Hack.Lu 2016. Let it be free workshops, CTF, lightning or regular talks, there are many ways to learn new stuff. Not to mention the kind and informal atmosphere of the conference. Let me give you an example which perfectly illustrates the atmosphere: during lunch time, I started talking Bluetooth Low Energy with a fellow researcher (@virtualabs). And... we ended up tearing down his connected toothbrush! Figure 1. Toothbrush teardown I told him about my findings (demoed at VB 2016) remote controlling the toothbrush... [Read More]
by RSS Axelle Apvrille  |  Oct 25, 2016  |  Filed in: Industry Trends
It happened again. This past weekend we witnessed another record-setting DDoS attack, probably primarily caused by infected IoT devices. This attack is attributed to the same piece of code - Linux/Mirai - which attacked KrebsOnSecurity.com and OVH in September. List of Attacks Attributed to Linux/Mirai Date Where Rate Comments Oct 21, 2016 Dyn DNS ? Some of the attacks were coming from hosts infected... [Read More]
by RSS Axelle Apvrille  |  Oct 24, 2016  |  Filed in: Security Research
Fortinet has been monitoring the outbreak of attacks targeting home routers over the past several months. We plan to post a series of blogs to share our findings. In this post, we review the related statistical data that has been recorded by Fortinet. Since July of this year, it has not been uncommon for signatures detecting vulnerabilities in home routers to take up three spots in our daily top 10 IPS detection list. An analysis of these three signatures is provided below. 1. Netcore.Netis.Devices.Hardcoded.Password.Security.Bypass The... [Read More]
by RSS Bing Liu  |  Oct 12, 2016  |  Filed in: Security Research
Part II: Fortinet Analysis Developing our own opinion In part one of this two-part series, I provided an overview of smart lock technology and some of its vulnerabilities and risks. We also decided to ‘try our luck’ with the security of these solutions in the Fortinet FortiGuard Lab, so we ordered some random brand smart locks for testing. Two of our main vulnerability researchers, Tony Loi and Tien Phan, were able to do some in-depth analysis these last few weeks. Not only were they able to confirm the attacks demonstrated by... [Read More]
by RSS David Maciejak  |  Oct 07, 2016  |  Filed in: Security Research
Part I: The Problem About 4000 years ago, as we began the development of our modern way of life, people started to also want their own privacy and the ability to safeguard their possessions. The lock and key concept was created at that time. The first were made with hardwoods, then metals. Some were amazingly intricate. But eventually, they evolved to become the latest iteration of that ancient concept, something we have seen developing over the last few years: the smart lock. The key has been replaced by your smartphone or smartwatch, but the... [Read More]
by RSS David Maciejak  |  Oct 06, 2016  |  Filed in: Security Research
26 Connected Devices Per Human by 2020 Changes the Security Equation: How to Make Sure Your Network is Prepared We seem to be hearing about the Internet of Things (IOT) and the security challenges related to it everywhere these days… While there is no denying that IP-based connectivity continues to become more and more pervasive, this is not a fundamentally new thing. What is new is that the target audience is changing and connectivity is becoming much more personal. Connectivity is no longer limited to high -nd technology consumers... [Read More]
by RSS Ken McAlpine  |  Oct 04, 2016  |  Filed in: Industry Trends