Tag Archive for: IoT

Revolutionizing Quality through IoT Security


IoT (Internet of Things) is an analytics and automation system that uses big data, networking, sensing, and artificial intelligence technology to create extensive service-based applications or products. Incorporated into any industry or process, it helps improve management, transparency, and performance.

IoT security, however, is an on-demand cloud subscription service designed to discover and protect the increasing number of connected things on your network. In other words, it covers both network security and physical device security, and includes the technologies, processes, and measures necessary for the protection of IoT devices and networks.

We all know the Internet of Things can give companies several economic opportunities and enable interesting developments that range from hospitality to mining, from childcare to eldercare, and from education to transportation. Various IoT solutions are available in the market. Whether it is predictive maintenance, remote monitoring, connected products, smart spaces, or customer-facing technologies like mobile applications, everything based on the IoT helps reduce costs and operational complexity and speed up time to market.

What is the Safety Issue with the Internet of Things?

Though IoT devices may seem too specialized to be dangerous, there is a real risk in what are in fact general-purpose, network-connected machines, which attackers can easily hijack.

When such systems are hacked over the internet, even the most boring software becomes unsafe, from video baby monitors to devices on life-saving health care equipment. If this equipment falls into the hands of attackers, they take advantage of it to steal data and disrupt the services you deliver to customers, and it even poses the risk of cybercrime. Besides, such attacks damage IoT infrastructure and the things people already run or depend on.

Protecting valuable operation technologies, customers, employees, and business investments with secure IoT infrastructure requires an end-to-end methodology….


Wormable Gitpaste-12 Botnet Returns to Target Linux Servers, IoT Devices



A new wormable botnet that spreads via GitHub and Pastebin to install cryptocurrency miners and backdoors on target systems has returned with expanded capabilities to compromise web applications, IP cameras, and routers.

Early last month, researchers from Juniper Threat Labs documented a crypto-mining campaign called “Gitpaste-12,” which used GitHub to host malicious code containing as many as 12 known attack modules that are executed via commands downloaded from a Pastebin URL.

The attacks occurred during a 12-day period starting from October 15, 2020, before both the Pastebin URL and repository were shut down on October 30, 2020.

Now according to Juniper, the second wave of attacks began on November 10 using payloads from a different GitHub repository, which, among others, contains a Linux crypto-miner (“ls”), a file with a list of passwords for brute-force attempts (“pass”), and a local privilege escalation exploit for x86_64 Linux systems.

The initial infection happens via X10-unix, a binary written in Go programming language, that proceeds to download the next-stage payloads from GitHub.

“The worm conducts a wide-ranging series of attacks targeting web applications, IP cameras, routers and more, comprising at least 31 known vulnerabilities — seven of which were also seen in the previous Gitpaste-12 sample — as well as attempts to compromise open Android Debug Bridge connections and existing malware backdoors,” Juniper researcher Asher Langton noted in a Monday analysis.

Included in the list of 31 vulnerabilities are remote code flaws in F5 BIG-IP Traffic Management User Interface (CVE-2020-5902), Pi-hole Web (CVE-2020-8816), Tenda AC15 AC1900 (CVE-2020-10987), and vBulletin (CVE-2020-17496), and an SQL injection bug in FUEL CMS (CVE-2020-17463), all of which came to light this year.

It’s worth noting that Ttint, a new variant of the Mirai botnet, was observed in October using two Tenda router zero-day vulnerabilities, including CVE-2020-10987, to spread a Remote Access Trojan (RAT) capable of carrying out denial-of-service attacks, executing malicious commands, and implementing a reverse shell for remote access.

Aside from installing X10-unix and the Monero crypto mining…


IoT gadgets dominate the holiday sales – and so do their security risks

The annual retail conventions of Black Friday and Cyber Monday have long had a tradition of drumming up the latest tech products ahead of Christmas. Internet of Things (IoT) enabled products have become an increasingly popular mainstay of the sales rush, including virtual home assistants, wearable tech, smart toys and connected appliances.

However, as these connected products continue to dominate the holiday sales scene, they are also highlighting longstanding security concerns with IoT devices. Products are often found to be lacking even basic security safeguards, potentially exposing users to privacy invasions, cyberattacks, and even physical danger. 

Those who splurged on IoT-enabled devices in this year’s sales will need to be aware of potential new security threats against themselves and their employers.

About the author

Richard Hughes is Head of Technical Cyber Security at A&O IT Group 

How weak IoT security invites hackers into the home

IoT security vulnerabilities are extremely common, and our own investigators have found major flaws in everything from kettles to sex toys. There has been a steady cadence of IoT security breaches making the headlines over the last few years, including both the discovery of potential vulnerabilities and cases of actual exploitation.

One of the most prominent recent examples has been the Ring smart doorbell produced by Amazon. The device is ostensibly designed to help users with home security, enabling them to remotely access video and audio feeds from their smartphone, as well as receiving alerts when they have a visitor.

However, it quickly became apparent that Ring was lacking several important security features. The device is controlled by a mobile app but did not set any limits on incorrect login attempts or notify users when there was a failed attempt or a successful login from a new location or device. This meant it was straightforward for a threat actor to brute force their way into the user’s account and connect to the device. There were multiple examples of Ring devices being hijacked to spy on households, as well as the speaker function being used to harass and threaten people with physical violence. Connecting to a Ring device…


33 TCP/IP Stack Flaws Pose Hacking Risk to Millions of IT, IoT Devices


By Jessica Davis

A new Forescout Research Labs report disclosed a set of 33 vulnerabilities found in four open source TCP/IP stacks, foundational elements of millions of IT and IoT devices, including those in healthcare. A successful exploit could result in remote code execution, or even data loss.

Dubbed Amnesia:33, the flaws impact over 150 vendors and millions of IoT, IT, and OT devices. Researchers stressed the impact could be much greater, as vulnerable stacks are widely spread across devices, highly modular, and incorporated into undocumented, deeply embedded subsystems.

Overall, the group of vulnerabilities has four categories of potential impact: remote code execution (RCE), denial of service (DoS through crash or infinite loop), data leak, and DNS cache poisoning.

An attacker could exploit these flaws to take full control of a targeted device via RCE, impact the device function via DoS, access and/or steal potentially sensitive information, or inject malicious DNS records to direct a device toward a hacker-controlled domain.

Most of the AMNESIA:33 flaws impact the DNS, IPv6, and TCP components. Forescout explained that “to exploit AMNESIA:33 vulnerabilities, an attacker needs a communication path to a vulnerable device or a routed path to an internal network.”


The affected TCP/IP stacks are found in operating systems, systems-on-a-chip, networking equipment, embedded devices, and a host of enterprise and consumer IoT devices. The flaws are found in the uIP, FNET, picoTCP and Nut/Net stacks, which are not owned by one single company.

As a result, these vulnerabilities easily spread across multiple codebases, development teams, companies and products. Thus, identifying vulnerable devices and disclosing the flaws will prove challenging, researchers explained.

The vulnerabilities join an earlier disclosure from JSOF, Ripple20: a set of 19 critical flaws found in the TCP/IP communication stack of hundreds of millions of IoT and connected devices.

The flaws were found in the low…
