SSL

Update: Hello Barbie Fails Another Security Test

In-brief: The security firm Bluebox says the mobile applications used with Hello Barbie contain security flaws that could lead to the theft of passwords and other information. Update: this story was updated to include comment from Bluebox and ToyTalk. PFR 12/4/2015

Firm Finds Crypto Keys Recycled on Thousands of Devices

In-brief: Encryption keys used to secure data on- and communications between embedded devices are being recycled, creating a huge vulnerability that malicious hackers could exploit to snoop on sensitive communications or impersonate devices.

Study: Serious Web Security Flaws Rampant on Embedded Devices

In-brief: three quarters of embedded systems that sport web interfaces tested by researchers at universities in Germany and France contained serious security vulnerabilities, according to a new study. The results raise more questions about the security of embedded devices including home routers and home surveillance cameras. 

Iran Games Google’s 2FA in Attacks on EFF, Others

In-brief: Hackers¬†believed to be linked to the government of Iran are using sophisticated attacks on Google’s two-factor authentication technology to break into the e-mail accounts of individuals within the country and in the Iranian diaspora, according to Citizen Lab.

Research: IoT Hubs Expose Connected Homes to Hackers

In-brief: A study of common connected home gateways finds lax security that could expose consumers to snooping or even malicious attacks, according to the application security firm Veracode.