Articles about iot

hacker

IoT search engine ZoomEye 'dumbs down' Dahua DVR hijackings by spewing passwords

Login passwords for tens of thousands of Dahua digital video recorder devices have been cached by ZoomEye, an IoT search engine, and published on the web so that even the dumbest hacker could crack unpatched kit. "A new low has been achieved in the ease of hacking IoT devices," said Ankit Anubhav, principal researcher at …
John Leyden, 16 Jul 2018
A rusty petrol pump at an abandoned gas station. Pic by Silvia B. Jakiello via shutterstock

Cops suspect Detroit fuel station was hacked before 10 drivers made off with 2.3k 'free' litres

Updated Police suspect that high-tech thieves may have hacked into a Detroit petrol station before stealing about 600 US gallons (+-2,300 litres) of fuel. Fox News affiliate WJBK reported that the clerk was unable to shut off a pump that dispensed free fuel for 90 minutes. Ten vehicles took advantage of the security hole to fuel up …
John Leyden, 9 Jul 2018
Chris Roberts at Cyber Week (photo: John Leyden)

'Plane Hacker' Roberts: I put a network sniffer on my truck to see what it was sharing. Holy crap!

Interview "Plane Hacker" Chris Roberts has called for countries to pressure manufacturers into improving the lamentable state of transportation security. Cars are turning into computers on wheels and airplanes have become flying data centres, but this increase in power and connectivity has largely happened without designing in adequate …
John Leyden, 4 Jul 2018
Hand pulls on a latex rubber glove (disposable). Photo by shutterstock

Dr Symantec offers quick and painless checkup for VPNFilter menace on routers

Clean-up efforts to respond to the VPNFilter malware have accelerated with the release of a free check-up tool. Even though the utility from Symantec only looks to see if traffic has been manipulated, rather than confirming an infection, third-party experts have nonetheless welcomed its release. VPNFilter, discovered by …
John Leyden, 2 Jul 2018
Man with hiking equipment standing on rock's edge

Microsoft's next trick? Kicking things out of the cloud to Azure IoT Edge

After years of urging its customers to move their compute onto its Azure cloud, Microsoft is trying to push them out. Or at least nudge them to move some of their work out of data centers to edge devices that can offer better response times. To do this, Redmond has made Azure IoT Edge available to all Azure Cloud customers, …
Shaun Nichols, 27 Jun 2018

So you're doing an IoT project. Cute. Let's start with the basics: Security

The Internet of Things is going to solve climate change, fix our political system, and ensure that you can always find a parking spot. Some see a future of 15 billion connected devices. Now, just the tiny matter of deploying them. There's a long way between all IoT's utopian promises and the reality. We've never attempted …
Danny Bradbury, 25 Jun 2018
A hand adjusting a thermostat

Are your IoT gizmos, music boxes, smart home kit vulnerable to DNS rebinding attacks? Here's how to check

A technique for attacking computer networks, first disclosed more than a decade ago, has resurfaced as a way to manipulate Internet-of-Things gadgets, smart home equipment, and streaming entertainment gizmos. Researcher Brannon Dorsey this week posted an essay explaining how smart home hardware can be vulnerable to a trick …
Shaun Nichols, 21 Jun 2018
Wrecked cargo ship abandoned on sea bay

Crappy IoT on the high seas: Holes punched in hull of maritime security

Infosec Europe Years-old security issues mostly stamped out in enterprise technology remain in maritime environments, leaving ships vulnerable to hacking, tracking, and worse. A demo at the Infosecurity Europe conference in London by Ken Munro and Iian Lewis of Pen Test Partners (PTP) demonstrated multiple methods to interrupt and disrupt …
John Leyden, 6 Jun 2018
Young guy facepalms while holding a laptop

Pwn goal: Hackers used the username root, password root for botnet control database login

An IoT botnet has been commandeered by white hats after its controllers used a weak username and password combination for its command-and-control server. Ankit Anubhav, of Newsky Security, said researchers with the company were able to take over the MySQL server used to control the Owari botnet – thanks to its creator leaving …
Shaun Nichols, 6 Jun 2018

Three-hour outage renders Nest-equipped smart homes very dumb

Google's Nest went TITSUP* early this morning, causing headaches for users who have equipped their home with the expensive smart devices. Owners of the kit were forced to manually adjust thermostats and unlock doors while the iOS, Android and web apps were inaccessible. The horror. We've received reports from Nest Secure and …
Richard Speed, 17 May 2018
botnet

Mirai botnet cost you $13.50 per infected thing, say boffins

Berkeley boffins reckon the Dyn-based Internet of Things attack that took down Brian Krebs' Website in 2016 cost device owners over $US320,000. Since the 2016 hit on KrebsOnSecurity involved devices in their tens of thousands, the costs to individuals (in power consumption and bandwidth charges) only ends up a handful of …

Is your gadget using secondhand memory? Predictable senility allows boffins to spot recycled NAND chips

University researchers have developed a new method for rooting out recycled memory chips in industrial control devices. The group from the University of Alabama, Huntsville say their technique could help vendors spot and remove older flash memory chips that would otherwise jeopardize the stability of embedded devices in the …
Shaun Nichols, 7 May 2018

Hands off! Arm pitches tamper-resistant Cortex-M35-P CPU cores

Arm has released a new processor core design for Cortex-M-powered system-on-chips that will try to stop physical tampering and side-channel attacks by hackers. The microcontroller-grade Cortex M35-P CPU cores are aimed at embedded IoT devices that operate in public or areas where there is a risk someone will either crack open …
Shaun Nichols, 2 May 2018

ISO blocks NSA's latest IoT encryption systems amid murky tales of backdoors and bullying

Two new encryption algorithms developed by the NSA have been rejected by an international standards body amid accusations of threatening behavior. The "Simon" and "Speck" cryptographic tools were designed for secure data to and from the next generation of internet-of-things gizmos and sensors, and were intended to become a …
Kieren McCarthy, 25 Apr 2018
Internet of things in the cloud

Cisco casts an eye over IoT protocol landscape: Everything the light touches is ours

Cisco has pitched its intent-based networking capabilities as a way to get control over the Internet of Things. There are good reasons to try and automate the network behaviour of IoT devices: as Cisco's enterprise networking marketing vice president Prashan Shenoy told The Register's networking desk, the ratio of IT personnel …
A block of MediaTek Azure Sphere MCUs

Microsoft has designed an Arm Linux IoT cloud chip. Repeat, an Arm Linux IoT cloud chip

Microsoft has designed a family of Arm-based system-on-chips for Internet-of-Things devices that runs its own flavor of Linux – and securely connects to an Azure-hosted backend. Dubbed Azure Sphere, the platform is Microsoft's foray into the trendy edge-computing space, while craftily locking gadget makers into cloud …
Shaun Nichols, 17 Apr 2018
Smarter Wi-Fi kettle

'Well intentioned lawmakers could stifle IoT innovation', warns bug bounty pioneer

IoT security regulations could stifle innovation without addressing the security problems at hand, a well-respected security researcher controversially argues. Compromised IoT devices were press ganged into the Mirai botnet and infamously used in a DDoS attack that left many of the world’s most famous sites unreachable back in …
John Leyden, 12 Apr 2018
AWS DeepLens camera

AWS baits cloud hooks with DeepLens machine learning camera

At the AWS Summit in San Francisco on Wednesday Amazon Web Services invited a handful of tech typers to see a demonstration of AWS DeepLens, its forthcoming camera tuned for deep learning tasks. Announced late last year and given away in limited quantities to select developers, the image capturing kit is intended as an AI …

Create a news alert about iot, or find more stories about iot.

Biting the hand that feeds IT © 1998–2018