encryption

Exclusive: Apple Store Favorite IZON Cameras Riddled With Security Holes

It’s another day, another face-palm moment for the home surveillance camera industry. Just one month after the Federal Trade Commission (FTC) settled a complaint with the maker of SecurView, a line of poorly secured home surveillance cameras, a researcher at the firm Duo Security has found a slew of even more serious security holes in the IZON Camera – a popular product that is sold in Apple Stores and Best Buy, among others. A review by The Security Ledger found dozens of such systems accessible via the public Internet, in some cases allowing anyone to peer into the interiors of private residences and businesses. Mark Stanislav, the Security Evangelist at the firm Duo Security, presented the details of a security audit of the IZON camera at a security conference in New York on Tuesday. Stanislav documented troubling security lapses including a wide-open configuration with exposed ports for accessing the device […]

Continue Reading

Video: Weaponizing Your Coffee Pot

The third annual DerbyCon wrapped up last week. Alas, I wasn’t able to make it down to Louisville, Kentucky and don a pork-pie hat with the smart people there. Still, there were some great presentations, and most of them are available online. One worth checking out if you’re into the Internet of Things hacking -thing is Daniel Buentello’s (@danielbuentell0) presentation of “Weaponizing Your Coffee Pot.” This is a repeat performance for Daniel, who also presented it at the ToorCon Conference in Seattle back in July. The first half of this talk is a high level overview of IoT and the security implications thereof. Mostly this is stuff you’ve read on this blog before. In the second half, Daniel goes down into the weeds on hacking a couple of classic IoT devices: Belkin’s WeMo IP enabled power outlet and Nest’s iconic thermostat. Without getting into all the details (its worth watching […]

Continue Reading

Set Top Boxes To Surveillance: Cisco Aims To Be IoT’s 600lb Gorilla

Cisco Systems is one of the biggest ecosystem players with its eyes trained on the Internet of Things. This makes sense. After all, the company made its fortune selling the gear – routers and switches – that make the Internet hum, and that helped extend Internet connectivity to homes and businesses.   Along the way, Cisco has been aggressive about acquiring new and promising technologies that promise to grow its top line. took some bad turns – unsuccessfully branching into consumer electronics in 2009 with the acquisition of Pure Digital, maker of the Flip camcorder, and Linksys, a maker of home networking gear, in 2003. The company discontinued the Flip product and sold Linksys to Belkin earlier this year amid a major corporate shake-up designed to re-focus the company. Now, with the next wave (Cisco calls it the 4th) of Internet connectivity upon us – namely: the “Internet of Things” (or […]

Continue Reading

Podcast: Securing The Internet of Things

One of the most vexing problems created by the fast-evolving Internet of Things is how to secure the massive trove of data that is transmitted and then stored by smart devices such as automobiles, consumer and household electronics and personal devices. As we’ve seen, private sector firms have been aggressive in leveraging new technology to connect their products to the Internet. But less thought has been given to the security and privacy implications of doing so. Now people are starting to take notice. In recent weeks,  the FTC settled a case with a California firm, TRENDNet over balky home surveillance cameras they sold – cameras that were discovered to be easily discoverable and hackable from the public Internet. But, with so many cooks in the IoT kitchen (so to speak), where does responsibility for securing technology lie? Recently, I chatted with an expert on security and the Internet of Things. […]

Continue Reading

Welcoming A New Sponsor: Mocana

You’ll notice some new artwork gracing The Security Ledger this week, and that’s because we’ve welcomed a new sponsor to the family: Mocana. I’d like to officially welcome them to the Security Ledger family.   This is a big win for Security Ledger.  Mocana will join Veracode, The Trusted Computing Group and Gemalto in underwriting The Security Ledger’s coverage of IT security news and the intersection of security with The Internet of Things (IoT). But we also win the support of a company that is all about IoT.   If you haven’t already checked out Mocana, I’d urge you to do so. Launched in 2004, the company’s expertise is in securing non-traditional endpoints. Mocana’s Device Security Framework, a suite of device-resident security software that is embedded into devices during the manufacturing process. DSF is a platform that supports a wide range of security functions, both through Mocana-created security modules and support of other […]

Continue Reading
1 22 23 24 25 26 28