Some Basic Rules for Securing Your IoT Stuff

Most readers here have likely heard or read various prognostications about the impending doom from the proliferation of poorly-secured “Internet of Things” or IoT devices. Loosely defined as any gadget or gizmo that connects to the Internet but which most consumers probably wouldn’t begin to know how to secure, IoT encompasses everything from security cameras, routers and digital video recorders to printers, wearable devices and “smart” lightbulbs.

Throughout 2016 and 2017, attacks from massive botnets made up entirely of hacked IoT devices had many experts warning of a dire outlook for Internet security. But the future of IoT doesn’t have to be so bleak. Here’s a primer on minimizing the chances that your IoT things become a security liability for you or for the Internet at large. Continue reading Some Basic Rules for Securing Your IoT Stuff

Huawei Router Vulnerability Used to Spread Mirai Variant

Researchers have identified a vulnerability in a Huawei home router model that is being exploited by an adversary to spread a variant of the Mirai malware called Okiku, also known as Satori. Continue reading Huawei Router Vulnerability Used to Spread Mirai Variant

UPnP, WikiLeaks, and Microsoft to Removes SMBv1 Protocol – Hack Naked News #130

Hacking military phone systems, IoT malware activity doubles, more WikiLeaks dumps, decade-old bugs, and more. Jason Wood of Paladin Security joins us to discuss the erosion of ISP privacy rules on this episode of Hack Naked News! Full Show Notes Continue reading UPnP, WikiLeaks, and Microsoft to Removes SMBv1 Protocol – Hack Naked News #130

UPnP, WikiLeaks, and Microsoft to Removes SMBv1 Protocol – Hack Naked News #130

Hacking military phone systems, IoT malware activity doubles, more WikiLeaks dumps, decade-old bugs, and more. Jason Wood of Paladin Security joins us to discuss the erosion of ISP privacy rules on this episode of Hack Naked News! Full Show Notes Visit… Continue reading UPnP, WikiLeaks, and Microsoft to Removes SMBv1 Protocol – Hack Naked News #130

Dahua, Hikvision IoT Devices Under Siege

Dahua, the world’s second-largest maker of “Internet of Things” devices like security cameras and digital video recorders (DVRs), has shipped a software update that closes a gaping security hole in a broad swath of its products. The vulnerability allows anyone to bypass the login process for these devices and gain remote, direct control over vulnerable systems. Adding urgency to the situation, there is now code available online that allows anyone to exploit this bug and commandeer a large number of IoT devices. Continue reading Dahua, Hikvision IoT Devices Under Siege

miranda-upnp – Interactive UPnP Client

Miranda is a Python-based UPnP (Universal Plug-N-Play) client application designed to discover, query and interact with UPNP devices, particularly Internet Gateway Devices (aka, routers). It can be used to audit UPNP-enabled devices on a network for po… Continue reading miranda-upnp – Interactive UPnP Client