Summary

Top Articles:

  • Amazon Admits Alexa Voice Recordings Saved Indefinitely
  • Billions of Devices Open to Wi-Fi Eavesdropping Attacks
  • Hacker Leaks More Than 500K Telnet Credentials for IoT Devices
  • Bluetooth Flaws Could Allow Global Tracking of Apple, Windows 10 Devices
  • NCSC: Secure your webcams now
  • Android-Based Sony Smart-TVs Open to Image Pilfering
  • Misconfigured Baby Monitors Allow Unauthorized Viewing
  • FDA Warns of Potentially Fatal Flaws in Medtronic Insulin Pumps
  • ADT Security Camera Flaws Open Homes to Eavesdropping
  • Apple AirTag Zero-Day Weaponizes Trackers

Unpatched DNS Bug Puts Millions of Routers, IoT Devices at Risk

Published: 2022-05-04 10:27:47

Popularity: 97

Author: Elizabeth Montalbano

Keywords:

  • IoT
  • Vulnerabilities
  • A flaw in all versions of the popular C standard libraries uClibe and uClibe-ng can allow for DNS poisoning attacks against target devices.

    ...more

    A DNS flaw impacts a library used by millions of IoT devices

    A vulnerability in the domain name system (DNS) component of the uClibc library impacts millions of IoT products. Nozomi Networks warns of a vulnerability, tracked as CVE-2022-05-02, in the domain name system (DNS) component of the uClibc library which is used by a large number of IoT products. The flaw also affects DNS implementation of all versions of the uClibc-ng […] The post A DNS flaw impacts a library used by millions of IoT devices appeared first on Security Affairs.

    ...more

    Western Digital customers have to update their My Cloud devices to latest firmware version

    My Cloud OS firmware is reaching the end of support, Western Digital customers have to update their WD My Cloud devices to the latest version. Western Digital is urging customers to update their WD My Cloud devices to the latest firmware version to continues receiving security updates on My Cloud OS firmware that is reaching […] The post Western Digital customers have to update their My Cloud devices to latest firmware version appeared first on Security Affairs.

    ...more

    Apple AirTag Zero-Day Weaponizes Trackers

    Published: 2021-09-29 20:48:33

    Popularity: 177

    Author: Tara Seals

    Keywords:

  • IoT
  • Malware
  • Vulnerabilities
  • Web Security
  • Apple's personal item-tracker devices can be used to deliver malware, slurp credentials, steal tokens and more thanks to XSS.

    ...more

    Anker fixed an issue that caused access to Eufy video camera feeds to random users

    A misconfiguration issue in the software used by the Eufy video camera exposed private information and video streams of customers. Chinese electronics vendor Anker has recently addressed a bug that mistakenly exposed private information and video streams of customers using its Eufy video cameras. The issue was caused by a misconfiguration, but the vendor told […] The post Anker fixed an issue that caused access to Eufy video camera feeds to random users appeared first on Security Affairs.

    ...more

    Misconfigured Baby Monitors Allow Unauthorized Viewing

    Published: 2021-02-16 16:50:35

    Popularity: 302

    Author: Tara Seals

    Keywords:

  • Cloud Security
  • IoT
  • Mobile Security
  • Vulnerabilities
  • Web Security
  • Hundreds of thousands of individuals are potentially affected by this vulnerability.

    ...more

    Experts found critical flaws in Realtek Wi-Fi Module

    Critical flaws in the Realtek RTL8195A Wi-Fi module could have been exploited to gain root access and take over devices’ wireless communications. Researchers from Israeli IoT security firm Vdoo found six vulnerabilities in the Realtek RTL8195A Wi-Fi module that could have been exploited to gain root access and take control of a device’s wireless communications. […] The post Experts found critical flaws in Realtek Wi-Fi Module appeared first on Security Affairs.

    ...more

    ADT Security Camera Flaws Open Homes to Eavesdropping

    Published: 2021-01-27 18:05:51

    Popularity: 227

    Author: Lindsey O'Donnell

    Keywords:

  • IoT
  • Privacy
  • Vulnerabilities
  • Researchers publicly disclosed flaws in ADT's LifeShield DIY HD Video Doorbell, which could have allowed local attackers to access credentials, video feeds and more.

    ...more

    Your “smart” household appliance might have a short lifespan

    Published: 2020-06-08 19:34:45

    Popularity: 26

    Author: Graham Cluley

    Keywords:

  • Botnet
  • Guest blog
  • Security threats
  • Vulnerability
  • botnet
  • IoT
  • vulnerability
  • Are you itching for an internet fridge? Hankering for a smart washing machine? Thirsting for an IoT-enabled thermostat? Well, think twice before you make a potentially costly mistake when deciding what appliance you will be next be purchasing for your home. Read more in my article on the Bitdefender BOX blog.

    ...more

    NCSC: Secure your webcams now

    We don't want to see what you do behind closed doors, but lots of hackers would be happy to pull up a chair to view that video stream.

    ...more

    Billions of Devices Open to Wi-Fi Eavesdropping Attacks

    The Kr00k bug arises from an all-zero encryption key in Wi-Fi chips that reveals communications from devices from Amazon, Apple, Google, Samsung and others.

    ...more

    Hacker Leaks More Than 500K Telnet Credentials for IoT Devices

    Published: 2020-01-21 11:57:20

    Popularity: 568

    Author: Elizabeth Montalbano

    Keywords:

  • Breach
  • IoT
  • Web Security
  • botnet
  • Credentials
  • CyCognito
  • data breach
  • data leak
  • DDoS
  • DDoS attacks
  • hacker
  • IoT security
  • Password
  • Security
  • Telnet
  • Bad actor obtained passwords for servers, home routers, and smart devices by scanning internet for devices open to the Telnet port.

    ...more

    Bluetooth Flaws Could Allow Global Tracking of Apple, Windows 10 Devices

    Identifying tokens and random addresses, meant to create anonymity, do not change in sync on some devices -- opening an attack vector.

    ...more

    Amazon Admits Alexa Voice Recordings Saved Indefinitely

    Published: 2019-07-03 14:40:59

    Popularity: 1920

    Author: Lindsey O'Donnell

    Keywords:

  • IoT
  • Privacy
  • Alexa
  • amazon
  • amazon Alexa privacy
  • amazon data privacy
  • apple HomePod
  • Data Privacy
  • google
  • google home
  • voice assistant devices
  • Amazon's acknowledgment that it saves Alexa voice recordings - even sometimes after consumers manually delete their interaction history - has thrust voice assistant privacy policies into the spotlight once again.

    ...more

    FDA Warns of Potentially Fatal Flaws in Medtronic Insulin Pumps

    The FDA sent out an urgent advisory warning of serious flaws in Medtronic's insulin pumps, which are used by thousands across the U.S.

    ...more

    Android-Based Sony Smart-TVs Open to Image Pilfering

    Published: 2019-04-25 21:13:31

    Popularity: 304

    Author: Tara Seals

    Keywords:

  • IoT
  • Vulnerabilities
  • Android
  • bravia
  • photo sharing plus
  • sony smart tvs
  • vulnerabilities
  • wifi passwords
  • A pair of bugs would allow attackers to compromise the WiFi password of a TV and the multimedia stored inside it.

    ...more

    end