smart home technology | Breaking Cybersecurity News | The Hacker News

Security researchers at Bitdefender have discovered a high-severity security vulnerability in Amazon's Ring Video Doorbell Pro devices that could allow nearby attackers to steal your WiFi password and launch a variety of cyberattacks using MitM against other devices connected to the same network. In case you don't own one of these, Amazon's Ring Video Doorbell is a smart wireless home security doorbell camera that lets you see, hear and speak to anyone on your property from anywhere in the World. The smart doorbell needs to be connected to your WiFi network, allowing you to remotely access the device from a smartphone app to perform all tasks wirelessly. While setting up the device for the very first time and share your WiFi password with it, you need to enable the configuration mode from the doorbell. Entering into the configuration mode turns on a built-in, unprotected wireless access point, allowing the RING smartphone app installed on your device to automati

Do you own an Amazon Echo? So are you also worried about hackers turning out your device into a covert listening device? Just relax, if there's no NSA, no CIA or none of your above-skilled friends after you. Since yesterday there have been several reports on Amazon Echo hack that could allow a hacker to turn your smart speaker into a covert listening device, but users don't need to worry because the hack is not simple, requires physical access to the device and does not work on all devices, as well. Amazon Echo is an always-listening voice-activated smart home speaker that is designed to play music, set alarms, answer questions via the Alexa voice assistant, and control connected smart home devices like WeMo, Hive and Nest. Hack Turns Amazon Echo Into Spying Device (But It's Complex) Now researchers from MWR InfoSecurity have demonstrated a hack, showing how hackers can exploit a vulnerability in some models of Amazon Echo to turn them into covert listening d

Identities now transcend human boundaries. Within each line of code and every API call lies a non-human identity. These entities act as programmatic access keys, enabling authentication and facilitating interactions among systems and services, which are essential for every API call, database query, or storage account access. As we depend on multi-factor authentication and passwords to safeguard human identities, a pressing question arises: How do we guarantee the security and integrity of these non-human counterparts? How do we authenticate, authorize, and regulate access for entities devoid of life but crucial for the functioning of critical systems? Let's break it down. The challenge Imagine a cloud-native application as a bustling metropolis of tiny neighborhoods known as microservices, all neatly packed into containers. These microservices function akin to diligent worker bees, each diligently performing its designated task, be it processing data, verifying credentials, or