P2P Weakness Exposes Millions of IoT Devices

A peer-to-peer (P2P) communications technology built into millions of security cameras and other consumer electronics includes several critical security flaws that expose the devices to eavesdropping, credential theft and remote compromise, new research has found. Continue reading P2P Weakness Exposes Millions of IoT Devices

Smashing Security #114: Darknet Diaries, death, and beauty apps

Jack Rhysider from the “Darknet Diaries” podcast joins us to chat about his interview with the elusive Hacker Giraffe, how a death is preventing cryptocurrency investors from reaching their money, and how ‘beauty camera’ apps are redirecting users to p… Continue reading Smashing Security #114: Darknet Diaries, death, and beauty apps

UPnP, Vulnerability As A Feature That Just Won’t Die

UPnP — in a perfect world it would have been the answer to many connectivity headaches as we add more devices to our home networks. But in practice it the cause of a lot of headaches when it comes to keeping those networks secure.

It’s likely that many Hackaday readers provide some form of technical support to relatives or friends. We’ll help sort out Mom’s desktop and email gripes, and we’ll set up her new router and lock it down as best we can to minimise the chance of the bad guys causing her problems. Probably one of the first …read more

Continue reading UPnP, Vulnerability As A Feature That Just Won’t Die

Found an application (Whatsapp) initiating UPnP requests, is it something that I should worry about?

I have logged in into my router using the web interface. I was checking UPnP forwarding (which is enabled by default), and found out that whatsapp is initiating a UPnP request on port 65072.
Is there a way that I can understand, why and … Continue reading Found an application (Whatsapp) initiating UPnP requests, is it something that I should worry about?

Hackers Hijack Chromecast Devices and Smart TVs via Exposed UPnP

A pair of hackers has launched a campaign that displays rogue messages on people’s smart TVs encouraging them to subscribe to a popular YouTube channel. The attack doesn’t seem to be malicious and is part of a larger campaign to promote Pe… Continue reading Hackers Hijack Chromecast Devices and Smart TVs via Exposed UPnP

Hackers Exploit UPnP in Routers to Expose Private Networks to Attacks

Hackers are exploiting insecure UPnP implementations in routers to expose millions of computers from inside private networks to SMB attacks. Universal Plug and Play (UPnP) is a service that allows devices to discover each other inside local networks a… Continue reading Hackers Exploit UPnP in Routers to Expose Private Networks to Attacks