Category Archives: DEF CON 2019

Camera obscura: Researchers say weak protocols are Achilles’ heel of surveillance cameras

Posted on by

In a world of hackable things, protocols in surveillance cameras sometimes get overlooked. The cameras used in commercial buildings aren’t necessarily a priority for researchers looking for the next big intrusion, and the devices are often seen as one-dimensional targets that only yield the data they collect. But that misses the point of how a camera can be a gateway to other devices in a building. Hacking an internet-connected camera could give an attacker a pathway to a device controlling physical access to a facility, for example. That concern prompted researchers at Forescout Technologies to dissect surveillance cameras in their test lab in the Netherlands. What they found were widely used cameras using weak communication protocols to transmit data over unencrypted channels. The researchers were able to carry out a “man-in-the-middle attack,” which intercepts and manipulates data, to replace footage recorded by the camera with their own. Altering security footage at an airport, for example, could be […]

The post Camera obscura: Researchers say weak protocols are Achilles’ heel of surveillance cameras appeared first on CyberScoop.

Continue reading Camera obscura: Researchers say weak protocols are Achilles’ heel of surveillance cameras

Popular genetic-mapping software potentially exposed patients’ data

Posted on by

Security researchers have helped fix a flaw in genetic-mapping software that could have allowed a hacker to manipulate the results of a person’s DNA analysis, showing the challenges of securing code in an industry that is crunching ever-larger sets of data. The bug in the open-source Burrows-Wheeler Aligner (BWA) allowed genetic data to be sent over insecure channels, potentially exposing it to interception and manipulation. Genetic mapping involves replicating information from a person’s cells and comparing that to a standardized human genome, helping a doctor identify traits associated with a disease. In practice, a doctor receiving erroneous data from the software could have prescribed the wrong medication to a patient, warned analysts from the government-funded Sandia National Laboratories, who discovered the vulnerability. BWA is one of the most widely used programs for genetic mapping. A patch has been issued for the flaw. There is no evidence that the vulnerability has been exploited in the wild, researchers said. […]

The post Popular genetic-mapping software potentially exposed patients’ data appeared first on CyberScoop.

Continue reading Popular genetic-mapping software potentially exposed patients’ data