FTC

Update – Virtual Vandalism: Firm Warns Of Connected Home Security Holes

[This story was updated to include response from Belkin describing its response to the vulnerabilities identified by IOActive, including firmware updates. – PFR Feb 19, 2014] A researcher with the respected security firm IOActive says that he has found a number of serious security holes in home automation products from the firm Belkin that could allow remote attackers to use Belkin’s WeMo devices to virtually vandalize connected homes or as a stepping stone to other computers connected on a home network. In a statement released on Tuesday, IOActive researcher Mike Davis said that his research into Belkin’s WeMo technology found the “devices expose users to several potentially costly threats, from home fires with possible tragic consequences down to the simple waste of electricity.” IOActive provided information on Davis’s research to the US Computer Emergency Readiness Team (CERT), which issued an advisory on the WeMo issues on Tuesday.  Belkin did not […]

Continue Reading

FTC Approves Settlement Over Leaky Surveillance Cam

The US Federal Trade Commission (FTC) announced on Friday that it has approved a settlement with TRENDnet, Inc. over lax security features in its line of SecurView cameras. The FTC said on Friday that it has approved a final order settling charges against the company, whose cameras were found to be poorly secured against external attackers, who could access them and use them to spy on the homes and private lives of hundreds of consumers. [See also: Apple Store Favorite IZON Cameras Riddled with Holes] The FTC complaint stems from a February, 2012 case in which independent security analysts with the web site Console Cowboys published details on how a firmware flaw allowed authentication for Internet-connected SecurView cameras to be bypassed, giving any Internet user (with the know-how) the ability to view the surveillance camera’s live feed. The Commission first announced a settlement with TRENDnet, a Torrance, California company, in September of […]

Continue Reading

Is 2014 The Year Uncle Sam Takes On Connected Device Security?

The Consumer Electronics Show – or CES- kicked off last week in Las Vegas. In the last decade, CES has become one of the premiere venues for consumer device makers to launch new products and to show off prototypes of technology they hope to introduce to the public. Home entertainment megafauna dominate the coverage of CES — there was Samsung’s 85-inch LED LCD model with 4K resolution that can transform from flat-screen to curved display. But this year’s show is also a showcase for the next wave of connected devices, including wearable technology, smart appliances and connected vehicles. All these new platforms raise important questions about security, privacy and reliability. I sat down to talk about some of those issues with Mark Stanislav, the lead security evangelist at the firm Duo Security. Mark is a frequent contributor to The Security Ledger who last joined us to provide an end of year […]

Continue Reading

Cars Become Gadget-ized, Govt. Warns On Privacy Risk

Your car is a lot more than just a car these days. Forget about the in-car entertainment system with the USB port and the iPhone jack. If you drive a late-model vehicle, it has been tricked out with hundreds of wireless sensors to monitor everything from tire pressure to braking and acceleration. These sensors communicate over a VAN – or Vehicle Area Network – that’s not all that different from the LAN that connects the computers, servers, printers and other peripheral devices in your office. Beyond that, automakers are taking their cue from mobile device makers- and for good reason. Apple booked $10 billion in sales through its AppStore in 2013 alone. That’s not too shabby, when you consider that much of that revenue came in $.99 increments! But, as Jessica Naziri (@jessicanaziri) noted in yesterday’s Los Angeles Times, cars are the new gadgets. After all, the Detroit Auto Show is still […]

Continue Reading

Prediction: Rough Road Ahead in 2014 For Security and Internet of Things

With the New Year fast approaching, it’s (unofficially) ‘prediction season,’ when everyone worth their salt stares into the crystal ball and tries to imagine what the world will look like 12 months hence. To sort through our 2014 predictions, we called on Mark Stanislav, the chief Security Evangelist at Duo Security. Mark is a seasoned security researcher who has taken an interest in the security of the Internet of Things. Earlier this year, we wrote about research Mark did on the IZON Camera, an IP-enabled home surveillance camera that is sold by big-box retail stores like Best Buy, as well as by the Apple Store. Beneath the IZON’s polished exterior, the IZON was a mess of sloppy coding and poor security implementation, Stanislav discovered. Like many IoT devices, IZON cameras punted security to those responsible for the wireless network that it was deployed on – essentially trusting any connection from […]

Continue Reading
1 8 9 10 11 12 14