Video

Samsung Smart TV: Like A Web App Riddled With Vulnerabilities

Samsung Smart TV: Like A Web App Riddled With Vulnerabilities

Smart television sets aren’t short on cool features. Users can connect to Facebook and Twitter from the same screen that they’re using to watch Real Housewives of New Jersey, or log into Skype and use a built in- or external webcam to have a video chat. Unfortunately, the more TVs start to look like computers, the more they are becoming subject to the same underlying code vulnerabilities that have caused headaches and heartache in the PC space. That was the message of two researchers at the Black Hat Briefings security conference Thursday, who warned that one such product, Samsung’s SmartTV, was rife with vulnerabilities that could leave the devices vulnerable to remote attacks. Vulnerabilities in the underlying operating system and applications on Samsung SmartTVs could be used to steal sensitive information on the device owner, or even spy on the television’s surroundings using an integrated webcam, said Aaron Grattafiori and Josh […]

Paul speaks with Nick Percoco of SpiderLabs on Black Hat and hacking smart homes - July, 2013.

Podcast: The Big Truth – Responding To Sophisticated Attacks

If you work at a rank and file corporation in the U.S. or Europe, stories like those about the breach at the defense contractor Qinetiq are terrifying. Here’s a company that’s on the bleeding edge of technology, making autonomous vehicles and other high-tech gadgetry for the U.S. Military. Despite that, it finds itself the hapless victim of a devastating cyber breach that lasts – by all accounts – for months, or years. In the end, the attackers (likely linked to China’s People’s Liberation Army) make off with the company’s intellectual property (likely all of it) and, soon, defense contractors in Mainland China start turning out devices that look eerily similar to the ones Qinetiq makes. Ouch! If a company like Qinetiq can’t stop an attack by advanced persistent threats (APT) – or whatever name you want to use –  what hope do overworked IT admins at rank and file enterprises […]

Luxury car makers are adding automated accident avoidance systems. Could they be hacked?

Traffic Safety Agency Calls Vehicle Cyber Security Standards

The U.S. Government’s lead agency for vehicle safety has told Congress that more research into “vehicle cyber security” to address the threats to a coming generation of networked automobiles that connect to the public Internet and to each other. In testimony before Congress on Thursday,  David Strickland, the chief Administrator for the National Highway Traffic Safety Administration (NHTSA) told a Senate Committee that the electronics systems are “critical to the functioning” of modern autos, and are becoming increasingly interconnected, leading to “different safety and cyber security risks.”  The agency is requesting $2 million in the 2014 budget to research “vehicle electronics and emerging technologies” with an eye to developing requirements for the safety and reliability of vehicle controls. “With electronic systems assuming safety critical roles in nearly all vehicle controls, we are facing the need to develop general requirements for electronic control systems to ensure their reliability and security,” Strickland […]

A new generation of technology for mining data from smart phones and other devices could make crowdsourcing much more powerful.

Meet The Software That Helped Catch The Boston Bombers

With one suspect in the Boston Marathon bombings dead and another on the run IN CUSTODY!  the global, collective effort to identify those responsible for the crime has ended, and focus shifted to apprehending PROSECUTING Dzhokhor A. Tsarnaev, 19. He and his older brother, Tamerlan Tsarnaev, 26,  were the subject of a massive manhunt, culminating in a firefight in the suburb of Watertown, Massachusetts, that killed the older Tsarnaev brother and set of a massive, daylong manhunt that shut down the metropolitan Boston area.(*) So how did crowdsourcing fare in the effort to catch the two? You’d have to say: not too well. High-profile collaborative efforts to crowdsource public images of the Boston Marathon bombing site, like those organized by the group 4Chan, assembled intriguing collections of material and clocked impressive pageviews (3.4 million and counting). In the end, those efforts yielded some clues: the type of clothing worn by the suspects, […]

Online contributors identified the hat worn by Suspect #1 as this Bridgestone Golf cap, sold at Wal-Mart

Will Reddit Get Its Man? New Clues Come Fast As FBI Releases Boston Suspect Photos

The collective energies of a lot of pissed off people were given focus on Thursday, after the FBI released photos and a video of two men – identified as Suspect #1 and #2 – who were identified as the only suspects in the horrific bombing of The Boston Marathon on Monday. Within hours of releasing the photos, new clues to the identities of the suspects emerged on web sites like Reddit. Astute viewers flocked to the popular website Reddit.com to crowd source clues, with a special area or “subreddit,” dubbed “findbostonbombers” created to collect tips and analysis from the sea of fervent users. Their efforts paid off in short order, as contributors identified the brand of cap worn by both suspects (the white cap worn by Suspect #2 is believed to be by Ralph Lauren, while the black cap worn by Suspect #1 is believed to be a Bridgestone golf cap […]