Hacking Police Bodycams
Mitchell even realized that because he can remotely access device storage on models like the Fire Cam OnCall, an attacker could potentially plant malware on some of the cameras
Five key security tips to avoid an IoT hack
Recently, Russian PIR Bank lost $1,000,000 because of a compromised router that allowed hackers to gain entry into their local network. Why did it happen and how companies can protect themselves?
In-flight satellite comms vulnerable to remote attack, researcher finds
As well as finding that Telnet, FTP and web were available for certain IPs, it turned out that an interface page for a Hughes aircraft satellite communication (SATCOM) router could also be accessed without authentication
Smart Irrigation Systems Expose Water Utilities to Attacks
A team of experts has analyzed smart irrigation systems from several vendors and found vulnerabilities that can be exploited to cause potentially serious disruptions to urban water services.
Critical Flaws Found in NetComm Industrial Routers
An industrial router made by Australian telecommunications equipment company NetComm Wireless is affected by several serious vulnerabilities that can be exploited remotely to take control of affected devices
Ensuring Your Industrial Wireless Systems Are Safely Deployed
Finding a competitive edge in heavy industries and manufacturing today is as much about digitization and data analytics as it is about bringing new products and services to market. It has therefore become imperative for businesses in these sectors to invest in technologies that allow them to connect, control and monitor their industrial environments using sensors, gateways and other digital transformation tools
BlackIoT Botnet: Can Water Heaters, Washers Bring Down the Power Grid?
The researchers – Saleh Soltan, Prateek Mittal and H. Vincent Poor from Princeton University – have dubbed the theoretical offensive “BlackIoT”, and have coined the threat to be a “manipulation of demand via IoT” attack, or MadIoT.
Botnet of Smart Heaters, ACs Can Cause Power Disruptions
Wi-Fi enabled air conditioners, ovens, water heaters and space heaters that can be controlled remotely over the Internet are increasingly popular. The power usage of these devices ranges between 1,000 and 5,000 watts
Election systems should be considered critical infrastructure
93 percent of security professionals are concerned about cyber-attacks targeting election infrastructure and data, and 81 percent believe cyber criminals will target election data as it is transmitted by machines, software and hardware applications, from local polling stations to central aggregation points, a recent study by Venafi has revealed
Dragos to integrate ICS-specific threat intelligence with cyber intelligence partners
Dragos announced that its industrial control system (ICS) threat intelligence product, WorldView, will integrate with partner companies, ThreatConnect, Recorded Future, ThreatQuotient, and EclecticIQ
ICS security fails the Black Hat test
Industrial control systems hit the mainstream at Black Hat this year, with over two dozen program sessions tackling different angles of the subject. The takeaway: Vendors still aren’t really trying
Philips Vulnerability Exposes Sensitive Cardiac Patient Information
A vulnerability in the Philips IntelliSpace Cardiovascular (ISCV) line of medical data management products would allow privilege escalation and arbitrary code execution – opening the door for an attacker to siphon out all kinds of confidential patient information, including medical images and full diagnostic details.
The future of OT security in critical infrastructure
To address these challenges, we discuss below three specific areas in the context of both improved enterprise operational effectiveness, and enhanced security for industrial control systems
IoT Malware Discovered Trying to Attack Satellite Systems of Airplanes, Ships
Researcher Ruben Santamarta shared the details of his successful hack of an in-flight airplane Wi-Fi network – and other findings – at Black Hat USA today
With Healthcare Security Flaws, Safety’s Increasingly at Stake
A lax culture around cybersecurity from medical device manufacturers and healthcare professionals (and a lack of education around good security measures) is putting hospitals – and subsequently their patients – at risk, said researchers, speaking at Black Hat 2018.
Flaws in Siemens Tool Put ICS Environments at Risk
Serious vulnerabilities discovered by researchers in Siemens’ TIA Portal for SIMATIC STEP7 and SIMATIC WinCC can be exploited by threat actors for lateral movement and other purposes in ICS environments
Hack causes pacemakers to deliver life-threatening shocks
Life-saving pacemakers manufactured by Medtronic don’t rely on encryption to safeguard firmware updates, a failing that makes it possible for hackers to remotely install malicious wares that threaten patients’ lives, security researchers said Thursday
In-vehicle wireless devices are endangering emergency first responders
One of the infected devices was a wireless gateway from Sierra Wireless. Authorized IT administrators used it to connect to the airport network in the event that primary connection methods failed. Surprised that such a sensitive piece of equipment could become a foot soldier in a denial-of-service attack, Shattuck began to investigate
Flaws in Smart City Systems Can Allow Hackers to Cause Panic
The world’s major cities are increasingly reliant on smart technologies, including for traffic management, disaster detection and response, and remotely controlling utilities. These systems communicate via protocols such as 4G, ZigBee and Wi-Fi.
IoT security: Lessons we can learn from the evolution of road safety
I was recently chatting with my father about his life as a young boy growing up in rural Ireland in the middle of the last century, and the conversation moved onto cars and how when he was young cars were a relatively new technology.
A botnet of smart irrigation systems can deplete a city’s water supply
However, municipalities and local government entities have adopted new green technology using IoT smart irrigation systems to replace traditional sprinkler systems, and they don’t have the same critical infrastructure security standards
Smart cities are exposed to old-school threats
Spurred by the false alarm that made Hawaii residents fear for their lives earlier this year, IBM X-Force Red and Threatcare researchers have decided to test several smart city devices and ultimately found 17 zero-day vulnerabilities, some of which could be exploited to create potentially deadly chaos
Manufacturing Industry Experiencing Higher Incidence of Cyberattacks
According to a new report out today, manufacturing companies have started experiencing elevated rates of cyber reconnaissance and lateral movement from attackers taking advantage of the growing connectivity within the industry
IBM Opens New Labs for Cracking ATMs, IoT Devices
The new network of facilities provides all the toys required for testing the security of consumer and industrial Internet of Things (IoT) technologies, automotive equipment, and Automated Teller Machines (ATMs), both before and after they are deployed to customers
The Importance of Access Control for IoT Devices
Cybercriminals are actively increasing their focus on IoT devices, with the latest variant of the Hide ‘N Seek malware expanding its focus to include, for the first time, home automation devices. There are two reasons why these devices are so attractive to the criminal community. The first is that these devices are notoriously vulnerable to attack while at the same time being very difficult, if impossible to secure
Even ‘Regular Cybercriminals’ Are After ICS Networks
Contrary to what some might perceive, state-backed groups and advanced persistent threat (APT) actors are not the only adversaries targeting industrial control system (ICS) environments
Governor Snyder announces new high school curriculum focused on automotive cybersecurity
Offering our high school students hands-on experience in dynamic fields like automotive cybersecurity will be critical to filling the growing demand for talent in key professional trades
Irdeto provides anti-hacking protection for Indentive’s home IoT platform
Irdeto is partnering with Indentive, a Swedish IoT technology provider, to secure its home IoT platform, Connective. Indentive will implement Irdeto Cloakware to ensure that security is built into the basis of the home network, including the latest generation of its consumer-facing IoT applications