Passwords

DEFCON To Host IoT Hacking Village

The Internet of Things has arrived – at least insofar as the hacker underground is concerned. The IoT is getting its own Village at DefCon. Sure, it’s been easy enough to see for a while that hacking “stuff” was what all the cool kids were doing, whether you were talking about Barnaby Jack’s “Jackpotting ATMs” presentation or the research on telematics systems by folks like Charlie Miller and Chris Valasek. But the creation of a dedicated “IoT Village” at the show, alongside staples like the Lockpick Village, the Wireless Village and the Packet Hacking Village (aka “The Wall of Sheep”) establishes Internet of Things hacking as a major new “vertical” within the diverse and fast-evolving hacking subculture. [Read more Security Ledger coverage of hacking the Internet of Things.]   Villages are dedicated areas of the DEFCON conference where attendees can converge to view demonstrations and take part in hands on lessons […]

Continue Reading

A Good Housekeeping Seal for the Connected Home?

In-brief: Experts on the security of the Internet of Things warned that lax security and privacy protections are rampant in connected home products, but consumers have no way of knowing whether the products they buy are easy targets for hackers. 

Continue Reading

Windows Bug From 1997 Enables Credential Theft

In-brief: Researchers from the firm Cylance warned that an unpatched security flaw first discovered in 1997 could be used to attack a wide range of popular applications and steal user credentials. 

Continue Reading

Drug Pumps Vulnerable to trivial Hacks, DHS warns

In-brief: The Department of Homeland Security warned that drug infusion pump management software sold by Hospira contains serious and exploitable vulnerabilities that could be used to remotely take control of the devices. 

Continue Reading

Android SDK Flaw Could Enable Dropbox Data Theft

In-brief: IBM researchers say they discovered a flaw in an SDK from the cloud storage firm Dropbox that could result in Android users accidentally sending their data to a Dropbox account controlled by a malicious actor.

Continue Reading
1 8 9 10 11 12 26