No, Toothbrushes Were Not Used in a Massive DDoS Attack

The widely reported story last week that 1.5 million smart toothbrushes were hacked and used in a DDoS attack is false.
Near as I can tell, a German reporter talking to someone at Fortinet got it wrong, and then everyone else ran with it without readin… Continue reading No, Toothbrushes Were Not Used in a Massive DDoS Attack

Botnet Attack Targeted Routers: A Wake-Up Call for Securing Remote Employees’ Hardware

The FBI spotted this state-sponsored attack that highlights how home office setups can be overlooked when it comes to employees’ cybersecurity. Continue reading Botnet Attack Targeted Routers: A Wake-Up Call for Securing Remote Employees’ Hardware

Tech Trends for 2024: Generative AI Models Will Get Smaller, An iPhone’s Average Life Will Be 8 Years

Other predicted technology trends for 2024 are AI will teach coders new skills, and more satellites will impact IoT devices and smartphone users. Continue reading Tech Trends for 2024: Generative AI Models Will Get Smaller, An iPhone’s Average Life Will Be 8 Years

“Dirt-powered fuel cell” draws near-limitless energy from soil

A Northwestern University team has demonstrated a remarkable new way to generate electricity, with a paperback-sized device that nestles in soil and harvests power created as microbes break down dirt – for as long as there’s carbon in the soil.Continue… Continue reading “Dirt-powered fuel cell” draws near-limitless energy from soil

On IoT Devices and Software Liability

New law journal article:

Smart Device Manufacturer Liability and Redress for Third-Party Cyberattack Victims

Abstract: Smart devices are used to facilitate cyberattacks against both their users and third parties. While users are generally able to seek redress following a cyberattack via data protection legislation, there is no equivalent pathway available to third-party victims who suffer harm at the hands of a cyberattacker. Given how these cyberattacks are usually conducted by exploiting a publicly known and yet un-remediated bug in the smart device’s code, this lacuna is unreasonable. This paper scrutinises recent judgments from both the Supreme Court of the United Kingdom and the Supreme Court of the Republic of Ireland to ascertain whether these rulings pave the way for third-party victims to pursue negligence claims against the manufacturers of smart devices. From this analysis, a narrow pathway, which outlines how given a limited set of circumstances, a duty of care can be established between the third-party victim and the manufacturer of the smart device is proposed…

Continue reading On IoT Devices and Software Liability

A Robot the Size of the World

In 2016, I wrote about an Internet that affected the world in a direct, physical manner. It was connected to your smartphone. It had sensors like cameras and thermostats. It had actuators: Drones, autonomous cars. And it had smarts in the middle, using sensor data to figure out what to do and then actually do it. This was the Internet of Things (IoT).

The classical definition of a robot is something that senses, thinks, and acts—that’s today’s Internet. We’ve been building a world-sized robot without even realizing it.

In 2023, we upgraded the “thinking” part with large-language models (LLMs) like GPT. ChatGPT both surprised and amazed the world with its ability to understand human language and generate credible, on-topic, humanlike responses. But what these are really good at is interacting with systems formerly designed for humans. Their accuracy will get better, and they will be used to replace actual humans…

Continue reading A Robot the Size of the World

Unveiling NKAbuse: a new multiplatform threat abusing the NKN protocol

We uncovered a novel multiplatform threat named “NKAbuse”. The malware utilizes NKN technology for data exchange between peers, functioning as a potent implant, and equipped with both flooder and backdoor capabilities. Continue reading Unveiling NKAbuse: a new multiplatform threat abusing the NKN protocol

21 high-risk vulnerabilities in OT/IoT routers found

Forescout detailed the discovery of 21 new vulnerabilities in OT/IoT routers and open-source software elements. The “SIERRA:21 – Living on the Edge” report features research into Sierra Wireless AirLink cellular routers and some open-source components,… Continue reading 21 high-risk vulnerabilities in OT/IoT routers found