Aug 18 2021

Kalay cloud platform flaw exposes millions of IoT devices to hack

Category: IoT SecurityDISC @ 11:36 am

FireEye Mandiant researchers have discovered a critical vulnerability in the Kalay cloud platform that exposes millions of IoT devices to attacks.

Researchers at FireEye’s Mandiant have discovered a critical vulnerability, tracked as CVE-2021-28372, in a core component of the Kalay cloud platform which is used by millions of IoT devices from many vendors.

The flaw could be easily exploited by a remote attacker to take over an IoT device, the only info needed for the attack is the Kalay unique identifier (UID) of the targeted user. The identifier could be obtained via social engineering.

“The vulnerabilities described in this post affect a core component of the Kalay platform. Mandiant was not able to create a comprehensive list of affected devices; however, ThroughTek’s website reports more than 83 million active devices on the Kalay platform at the time of writing this post.” states the report published by Mandiant. “An attacker would require comprehensive knowledge of the Kalay protocol and the ability to generate and send messages. The attacker would also need to obtain Kalay UIDs through social engineering or other vulnerabilities in APIs or services that return Kalay UIDs. From there, an attacker would be able to remotely compromise affected devices that correspond to the obtained UIDs.”

An attacker that has obtained the UID of a targeted device could send a specially crafted request to the Kalay network to register another device with the same UID on the network. Then the Kalay servers will overwrite the existing device. Once the victim will connect the device, his connection will be directed to the attacker that could obtain the credentials used by the victim to access the device.

Most of the devices using the platform are video surveillance products such as IP cameras and baby monitors, an attacker could exploit this flaw to eavesdrop audio and video data.

The attacker could also use RPC (remote procedure call) functionality to completely take over the device.

Practical IoT Hacking: The Definitive Guide to Attacking the Internet of Things

Tags: IoT, IoT devices, IoT Hacking, IoT security

Aug 04 2021

Do You Trust Your Smart TV?

Category: IoT Security,Security AwarenessDISC @ 10:02 am

Did you ever stop to think that the office smart TV used for company presentations, Zoom meetings, and other work-related activities may not be so trustworthy?

In our latest video, we demonstrate an attack scenario that can occur within any organization – hacking a smart TV. The video shows an insider plugging a USB Rubber Ducky into a smart TV in a company meeting room. Within less than a minute, a payload is executed to set up a Wi-Fi network for data exfiltration (called kitty3) and instructs the TV to connect to it. The payload then uploads a utility that captures the screen before the insider removes the rogue device.

Smart TV Security: Media Playback and Digital Video Broadcast

Tags: Smart TV, Smart TV Security

Jun 19 2021

Preventing security issues from destroying the promise of IoT

Category: IoT SecurityDISC @ 12:50 pm

Tags: IoT Hacking, IoT security

Apr 27 2021

When AIs Start Hacking

Category: AI,IoT SecurityDISC @ 5:00 pm

If you don’t have enough to worry about already, consider a world where AIs are hackers.

Hacking is as old as humanity. We are creative problem solvers. We exploit loopholes, manipulate systems, and strive for more influence, power, and wealth. To date, hacking has exclusively been a human activity. Not for long.

As I lay out in a report I just published, artificial intelligence will eventually find vulnerabilities in all sorts of social, economic, and political systems, and then exploit them at unprecedented speed, scale, and scope. After hacking humanity, AI systems will then hack other AI systems, and humans will be little more than collateral damage.

Okay, maybe this is a bit of hyperbole, but it requires no far-future science fiction technology. I’m not postulating an AI “singularity,” where the AI-learning feedback loop becomes so fast that it outstrips human understanding. I’m not assuming intelligent androids. I’m not assuming evil intent. Most of these hacks don’t even require major research breakthroughs in AI. They’re already happening. As AI gets more sophisticated, though, we often won’t even know it’s happening.

AIs don’t solve problems like humans do. They look at more types of solutions than us. They’ll go down complex paths that we haven’t considered. This can be an issue because of something called the explainability problem. Modern AI systems are essentially black boxes. Data goes in one end, and an answer comes out the other. It can be impossible to understand how the system reached its conclusion, even if you’re a programmer looking at the code.

In 2015, a research group fed an AI system called Deep Patient health and medical data from some 700,000 people, and tested whether it could predict diseases. It could, but Deep Patient provides no explanation for the basis of a diagnosis, and the researchers have no idea how it comes to its conclusions. A doctor either can either trust or ignore the computer, but that trust will remain blind.

When AIs Start Hacking

Apr 22 2021

Securing vehicles from potential cybersecurity threats

Category: IoT Security,Mobile SecurityDISC @ 10:05 am

Despite thieves regularly finding ways to boost cars by exploiting vulnerabilities in modern keyless locking systems and researchers demonstrating how attackers could fiddle with car settings, the infotainment system, the break system, the steering system, and so on, we’re yet to witness actual safety attacks that resulted in hackers disabling brakes or turning the steering wheel.

One of the reasons must surely be that cybercriminals are generally after money and not that interested in harming people for the fun of it, but perhaps another is that it’s currently very difficult to prove that attacks like these happened.

“If an incident happens there is currently no entity that will investigate such a possibility. Even more so, in most cars there are no measures monitoring for such incidents. So if you try and succeed, no one will even know, not to mention launch an investigation,” notes Nathaniel Meron, Chief Product and Marketing Officer at C2A Security, a provider of automotive cybersecurity solutions.

And, though the IT networks of original equipment manufacturers (OEMs) have already been breached by ransomware gangs, vehicle owners are lucky that those criminals have not yet switched to in-vehicle networks attacks to “brick” cars and demand money.

If and when that happens and depending on the scale of the attacks, Meron recons that they could even bankrupt an OEM.

But while it’s difficult to say when this “grace period” might end, OEMs should accept as fact that one day it surely will, and they should use this time to work on defenses.

Securing vehicles from potential cybersecurity threats

Tags: Securing vehicles

Apr 15 2021

IoT bug report claims “at least 100M devices” may be impacted

Category: IoT SecurityDISC @ 8:21 am

The devil’s in the details

The NAME:WRECK report isn’t just one bug or one vulnerability, and all of them date back to last year except for one.

Fortunately, they are all patched (at least one has had an update out for nearly a year already) but together they constitute a worthwhile reminder that even in the modern age, programmers continue to make old-school coding mistakes.

The vulnerabilities that have been lumped together under the NAME:WRECK “brand” were found in three different operating systems.

Two were low-level operating systems, often known as RTOSes (short for real-time operating systems) dedicated to internet-of-things (IoT) devices, namely Nucleus NET from Siemens and NetX from Microsoft.

The third was FreeBSD, widely used as both a mainstream server operating system and as an operating system for embedded devices. (As the name suggests, FreeBSD is available for free, like Linux, but it uses a much more easy-going and liberal open source licence.)

Parsing errors and randomness problems

Tags: IoT bug report

Aug 22 2020

New Vulnerability Could Put IoT Devices at Risk

Category: IoT SecurityDISC @ 11:36 am

A new vulnerability targets Thales, a leading maker of IoT components. Learn how the X-Force Red team identified the security flaw and best practices for addressing the risk.

Society relies so heavily on technology that the number of internet connected devices used globally is predicted to grow to 55.9 billion by 2025. Many of these devices span parts of Industrial Control Systems (ICS) that impact the physical world, assist us in our daily lives at home and monitor and automate everything from energy usage to machine maintenance at work. The potential to abuse these systems has already caught the eye of cybercriminals; according to the 2020 IBM X-Force Threat Intelligence Index, attacks against these systems increased over 2000% since 2018.

As part of their ongoing research, IBM’s team of hackers, X-Force Red, have discovered a new IoT vulnerability that can be exploited remotely. The manufacturer, Thales, has made a patch available for CVE-2020-15858 to customers since February 2020 and X-Force Red has been working together to ensure users are aware of the patch and taking steps to secure their systems.

Of the billions of smart devices in use today, Thales is one of leading makers of components that enable them to connect to the internet, securely store information and verify identities. Thales’ entire portfolio connects more than 3 billion things every year and more than 30,000 organizations rely on its solutions for everything from smart energy meters to medical monitoring devices and cars.

Source: New Vulnerability Could Put IoT Devices at Risk

How dangerous are IOT devices? | Yuval Elovici | TEDxBGU

The IoT Architect’s Guide to Attainable Security and Privacy

Download a Security Risk Assessment Steps paper!

Security Risk assessment Quiz – Find Out How Your security risk assessment Stands Up!

DISC InfoSec 🔒 securing the business 🔒 via latest InfoSec titles

Subscribe to DISC InfoSec blog by Email

👉 Download a Virtual CISO (#vCISO) and Security Advisory Fact Sheet & Cybersecurity Cheat Sheet

Aug 19 2020

IBM finds vulnerability in IoT chips present in billions of devices

Category: IoT Security,Security vulnerabilitiesDISC @ 11:49 am

Manufactured by Thales, the EHS8 module family has security flaws that could allow attackers to take total control over internet-connected industrial machines.

Source: IBM finds vulnerability in IoT chips present in billions of devices


Download a Security Risk Assessment Steps paper!

Security Risk assessment Quiz – Find Out How Your security risk assessment Stands Up!

DISC InfoSec 🔒 securing the business 🔒 via latest InfoSec titles

Subscribe to DISC InfoSec blog by Email

👉 Download a Virtual CISO (#vCISO) and Security Advisory Fact Sheet & Cybersecurity Cheat Sheet

Jun 01 2020

26 IoT Flaws Enable Denial-of-Service Attacks, Privilege Escalation

Category: IoT SecurityDISC @ 6:07 pm

Research details vulnerabilities in the Zephyr Real Time Operating Systems and MCUboot, both used in IoT devices and sensors.

Source: 26 IoT Flaws Enable Denial-of-Service Attacks, Privilege Escalation

Regulating the Internet of Things

Fixing the Mess of IoT Security

Download a Security Risk Assessment Checklist paper!

Subscribe to DISC InfoSec blog by Email

May 03 2019

Creating A Cyber Secure Home

Category: Information Security,IoT SecurityDISC @ 9:23 am

Creating A Cyber Secure Home – Infographic via SANS Institute

 Subscribe in a reader

Tags: cyber secure home, home security

Feb 25 2019

Smart Homes at Risk Due to Unpatched Vulnerabilities, Weak Credentials

Category: IoT SecurityDISC @ 5:16 pm

40.8% of smart homes have at least one device vulnerable to remote attacks, a third of them being vulnerable because of outdated software with unpatched security issues, while more than two-thirds are exposed by weak credentials.

Source: Smart Homes at Risk Due to Unpatched Vulnerabilities, Weak Credentials