In this episode of the Security Ledger podcast, brought to you by ReversingLabs, we interview Danny Adamitis (@dadamitis) of Black Lotus Labs about the discovery of ZuoRAT, malware that targets SOHO routers – and is outfitted with APT-style tools for attacking the devices connected to home networks. As always, you can check our full conversation in our latest Security Ledger podcast at Blubrry. You can also listen to it on iTunes and Spotify. Or, check us out on Google Podcasts, Stitcher, Radio Public and more. Also: if you enjoy this podcast, consider signing up to receive it in your email. Just point your web browser to securityledger.com/subscribe to get notified whenever a new podcast is posted. [MP3] Cyber attacks on small office and home office (or SOHO) routers aren’t new. Back in 2016, the malware known as Mirai made headlines across the world by infecting hundreds of thousands of weekly protected SOHO routers and DVR devices and stringing them into […]
Search Results for "home"
Episode 186: Certifying Your Smart Home Security with GE Appliances and UL
In this episode of the podcast (#186) we do a deep dive on the new IoT cyber security rating system from Underwriters’ Lab. We talk with experts from GE about the process they used to obtain UL certification for a range of smart home appliances, managing device security over the decades and how a cyber security rating system may influence consumers’ behavior.
Episode 163: Cyber Risk has a Dunning-Kruger Problem also: Bad Password Habits start at Home
In this episode of Security Ledger Podcast (#163) sponsored by LastPass: companies are spending more than ever on cyber security, but feel less secure. Why? Kevin Richards of the insurer Marsh joins us to talk about that company’s Cyber Risk Perceptions Survey. Also Yaser Masoudnia of LastPass* joins us to talk about the blurry line between personal and professional is complicating enterprise security.
Devices’ UPnP Service Emerges as Key Threat to Home IoT Networks
Home connected device users are putting their IoT networks at risk by leaving exposed a common service devices use to seamlessly connect and communicate with each other, according to cybersecurity firm Trend Micro. Hackers recently have been found to exploit the Universal Plug and Play (UPnP) service of poorly configured routers and home networking devices, as evidenced by an attack earlier this year that allegedly hijacked thousands of Chromecast streaming dongles, Google Home devices and smart TVs to play an ad for a YouTuber PewDiePie’s channel. This event prompted Trend Micro researchers dig deeper into UPnP, discovering that the potential to exploit this service remains significant as many home users are leaving UPnP enabled–unknowingly or not–and often with older, unpatched versions of the service installed on devices, they said. “In a nutshell, we found that most devices still use old versions of UPnP libraries,” wrote Tony Yang, a Trend Micro […]
Exploits in Samsung Hub Put Smart Homes at Risk
There is more alarming security news for consumers with smart devices at home: hackers can take remote control of video cameras, thermostats, smart locks or other IoT devices by exploiting vulnerabilities discovered in Samsung’s SmartThings Hub, according to a report by Cisco Systems’ Talos research group.