#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News

GPS Tracker | Breaking Cybersecurity News | The Hacker News

Category — GPS Tracker
Unpatched GPS Tracker Bugs Could Let Attackers Disrupt Vehicles Remotely

Unpatched GPS Tracker Bugs Could Let Attackers Disrupt Vehicles Remotely

Jul 20, 2022
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning of a handful of unpatched security vulnerabilities in  MiCODUS MV720  Global Positioning System (GPS) trackers outfitted in over 1.5 million vehicles that could lead to remote disruption of critical operations. "Successful exploitation of these vulnerabilities may allow a remote actor to exploit access and gain control of the global positioning system tracker," CISA  said . "These vulnerabilities could impact access to a vehicle fuel supply, vehicle control, or allow locational surveillance of vehicles in which the device is installed." Available on sale for $20 and manufactured by the China-based MiCODUS, the company's tracking devices are employed by major organizations in 169 countries spanning aerospace, energy, engineering, government, manufacturing, nuclear power plant, and shipping sectors. The top countries with the most users include Chile, Australia, Mexico, Ukraine, Russi...
Flaws in Over Half a Million GPS Trackers Expose Children Location Data

Flaws in Over Half a Million GPS Trackers Expose Children Location Data

Sep 06, 2019
What if the tech intended to ensure that your kids, senior citizens, and pets are safe even when they're out of sight inadvertently expose them to stalkers? An estimated 600,000 GPS tracking devices for sale on Amazon and other large online merchants for $25–$50 have been found vulnerable to a handful of dangerous vulnerabilities that may have exposed user's real-time locations, security researchers have claimed. Cybersecurity researchers from Avast discovered that 29 models of GPS trackers made by Chinese technology company Shenzhen i365 for keeping tabs on young children, elderly relatives, and pets contain a number of security vulnerabilities. Moreover, all over half a million tracking devices were shipped with the same default password of "123456," leaving an opportunity for attackers to easily access tracking information for those who never changed the default password. Vulnerabilities in GPS Tracking Devices The reported GPS tracking device vulnerabili...
The Future of Network Security: Automated Internal and External Pentesting

The Future of Network Security: Automated Internal and External Pentesting

Dec 10, 2024Vulnerability / Perimeter Security
In today's rapidly evolving threat landscape, safeguarding your organization against cyberattacks is more critical than ever. Traditional penetration testing (pentesting), while effective, often falls short due to its high costs, resource requirements, and infrequent implementation. Automated internal and external network pentesting is a game-changing solution, empowering organizations to stay ahead of attackers with cost-effective, frequent, and thorough security assessments. Strengthen Your Defenses: The Role of Internal and External Pentests  Effective cybersecurity requires addressing threats from both inside and outside your organization. Automated solutions streamline this process, enabling IT teams to implement a holistic and proactive defense strategy. Internal Pentesting: Securing the Core Internal pentesting simulates an attacker operating within your network, exposing vulnerabilities such as insider threats, compromised credentials, or breaches through physical or ...
Hundreds of GPS Location Tracking Services Leaving User Data Open to Hackers

Hundreds of GPS Location Tracking Services Leaving User Data Open to Hackers

Jan 04, 2018
Security researchers have unearthed multiple vulnerabilities in hundreds of GPS services that could enable attackers to expose a whole host of sensitive data on millions of online location tracking devices managed by vulnerable GPS services. The series of vulnerabilities discovered by two security researchers, Vangelis Stykas and Michael Gruhn, who dubbed the bugs as ' Trackmageddon ' in a report , detailing the key security issues they have encountered in many GPS tracking services. Trackmageddon affects several GPS services that harvest geolocation data of users from a range of smart GPS-enabled devices, including children trackers, car trackers, pet trackers among others, in an effort to enable their owners to keep track of where they are. According to the researchers, the vulnerabilities include easy-to-guess passwords (such as 123456), exposed folders, insecure API endpoints, and insecure direct object reference (IDOR) issues. By exploiting these flaws, an unaut...
cyber security

Innovate Securely: Top Strategies to Harmonize AppSec and R&D Teams

websiteBackslashApplication Security
Tackle common challenges to make security and innovation work seamlessly.
Google Collects Android Location Data Even When Location Service Is Disabled

Google Collects Android Location Data Even When Location Service Is Disabled

Nov 21, 2017
Do you own an Android smartphone? If yes, then you are one of those billions of users whose smartphone is secretly gathering location data and sending it back to Google. Google has been caught collecting location data on every Android device owner since the beginning of this year (that's for the past 11 months)—even when location services are entirely disabled, according to an investigation conducted by Quartz. This location-sharing practice doesn't want your Android smartphone to use any app, or turn on location services, or even have a SIM card inserted. All it wants is to have your Android device to be connected to the Internet. The investigation revealed that Android smartphones have been collecting the addresses of nearby cellular towers, and this data could be used for " Cell Tower Triangulation "—a technique widely used to identify the location of a phone/device using data from three or more nearby cell towers. Each time your Android device come...
Hacking Fitbit Health Trackers Wirelessly in 10 Seconds

Hacking Fitbit Health Trackers Wirelessly in 10 Seconds

Oct 23, 2015
Do you need a FitBit Tracker while jogging or running or even sleeping? Bad News! FitBit can be hacked that could allow hackers to infect any PC connected to it. What's more surprising? Hacking FitBit doesn't take more than just 10 Seconds . Axelle Aprville , a researcher at the security company Fortinet, demonstrated "How to hack a Fitbit in only 10 seconds," at the Hack.Lu conference in Luxembourg. Aprville's test was a proof of concept (POC) that did not actually focus on executing malicious payload, rather a logical attack. By using only Bluetooth, Aprville was able to modify data on steps and distance. However, she said it is possible to infect the device in an attempt to spread malware to synced devices. Fitbit Flex tracker is a flexible wristband that measures health statistics, such as blood pressure and heart rate. The Flex is a product of Fitbit, and its salient features are: It can wake you up with a silent vibrati...
Tinder Online Dating app vulnerability revealed Exact Location of Users

Tinder Online Dating app vulnerability revealed Exact Location of Users

Feb 20, 2014
Using Popular Online Dating app - Tinder on iPhone ?? Then you are at significant risk that exposed members' private information without their knowledge. Online Dating app Tinder, available for the iPhone from the app store , has become incredibly popular in the past few months. Tinder app allows you to find dates nearby your location within a few miles and connects you with them, but a vulnerability allowed the attacker to potentially pinpoint your exact location to within 100 feet. Security Researchers at Include Security discovered that Tinder GPS vulnerability making members vulnerable to hackers. The Security flaw was discovered by the company last October, that enabled any member with some programming skills to access the app's API (Application Programming Interface) to get the exact latitude and longitude for another member. " Due to Tinder's architecture, it is not possible for one Tinder user to know if another took advantage of this ...
Expert Insights / Articles Videos
Cybersecurity Resources