Internet of Things | Breaking Cybersecurity News | The Hacker News

If you are concerned about the insecurity of Internet of Things, have good hands at programming and know how to hack smart devices, then you can grab an opportunity to earn $50,000 in prize money for discovering the non-traditional ways to secure IoT devices. Internet of Things (IoT) market is going to expand rapidly over the next decade. We already have 6.5 billion to 8 billion IoT devices connected to the Internet worldwide, and the number is expected to reach 50 billion by 2020. While IoT is going to improve life for many, the number of security risks due to lack of stringent security measures and encryption mechanisms in the devices have increased exponentially. This rise in the number of security risks would continue to widen the attack surface, giving hackers a large number of entry points to affect you some or the other way. Recently, we saw a record-breaking DDoS attack (Distributed Denial of Service) against the France-based hosting provider OVH that reached over

With rapidly growing Internet of Thing (IoT) devices, they have become a much more attractive target for cybercriminals. Just recently we saw a record-breaking Distributed Denial of Service (DDoS) attacks against the France-based hosting provider OVH that reached over one Terabit per second (1 Tbps), which was carried out via a botnet of infected IoT devices. Now, such attacks are expected to grow more rapidly as someone has just released the source code for IoT botnet, which was 'apparently' used to carry out world's largest DDoS attacks. Internet of Things-Botnet 'Mirai' Released Online Dubbed Mirai , the malware is a DDoS Trojan that targets BusyBox systems , a collection of Unix utilities specifically designed for embedded devices like routers. The malware is programmed to hijack connected IoT devices that are using the default usernames and passwords set by the factory before devices are first shipped to customers. Spotted by Brian Krebs , the

Identities now transcend human boundaries. Within each line of code and every API call lies a non-human identity. These entities act as programmatic access keys, enabling authentication and facilitating interactions among systems and services, which are essential for every API call, database query, or storage account access. As we depend on multi-factor authentication and passwords to safeguard human identities, a pressing question arises: How do we guarantee the security and integrity of these non-human counterparts? How do we authenticate, authorize, and regulate access for entities devoid of life but crucial for the functioning of critical systems? Let's break it down. The challenge Imagine a cloud-native application as a bustling metropolis of tiny neighborhoods known as microservices, all neatly packed into containers. These microservices function akin to diligent worker bees, each diligently performing its designated task, be it processing data, verifying credentials, or

Do you know — Your Smart Devices may have inadvertently participated in a record-breaking largest cyber attack that Internet has just witnessed. If you own a smart device like Internet-connected televisions, cars, refrigerators or thermostats, you might already be part of a botnet of millions of infected devices that was used to launch the biggest DDoS attack known to date, with peaks of over 1 Tbps of traffic. France-based hosting provider OVH was the victim to the record-breaking Distributed Denial of Service (DDoS) attacks that reached over one terabit per second (1 Tbps) over the past week. As the Internet of Things (IoT) or connected devices are growing at a great pace, they continue to widen the attack surface at the same time, giving attackers a large number of entry points to affect you some or the other way. 1 Tbps DDoS Attack Hits OVH IoTs are currently being deployed in a large variety of devices throughout your home, businesses, hospitals, and even entire cities (

Internet of Things (IoT) is the latest buzz in the world of technology, but they are much easier to hack than you think. Until now we have heard many scary stories of hacking IoT devices , but how realistic is the threat? Just think of a scenario where you enter in your house, and it's sweltering, but when you head on to check the temperature of your thermostat, you find out that it has been locked to 99 degrees. And guess what? Your room thermostat is demanding $300 in Bitcoins to regain its control. Congratulations, Your Thermostat has been Hacked! This is not just a hypothetical scenario; this is exactly what Ken Munro and Andrew Tierney of UK-based security firm Pen Test Partners have demonstrated at the DEFCON 24 security conference in Las Vegas last Saturday. Two white hat hackers recently showed off the first proof-of-concept (PoC) ransomware that infects a smart thermostat. Ransomware is an infamous piece of malware that has been known for locking up comput

The Internet of things or connected devices are the next big concerns, as more Internet connectivity means more access points which mean more opportunities for hackers. When it comes to the threat to Internet of Things, Car Hacking is a hot topic. Since many automobiles companies are offering cars that run mostly on the drive-by-wire system, a majority of functions are electronically controlled, like instrument cluster, steering, brakes, and accelerator. No doubt these auto-control systems in vehicles improve your driving experience, but at the same time increase the risk of getting hacked. Recently, security researcher Benjamin Kunz Mejri  have disclosed zero-day vulnerabilities that reside the official BMW web domain and ConnectedDrive portal and the worst part: the vulnerabilities remain unpatched and open for hackers. Benjamin from Vulnerability-Labs has discovered both the vulnerabilities. The first one is a VIN ( Vehicle Identification Number ) session vulnerabil

The Internet of Things (IoTs) or Internet-connected devices are growing at an exponential rate and so are threats to them. Due to the insecure implementation, these Internet-connected embedded devices, including Smart TVs, Refrigerators, Microwaves, Set-top boxes, Security Cameras and printers, are routinely being hacked and used as weapons in cyber attacks. We have seen how hackers literally turned more than 100,000 Smart TVs and Refrigerator into the cyber weapon to send out millions of malicious spam emails for hacking campaigns; we have also seen how hackers abused printers and set-top-boxes to mine Bitcoins. And now… Cyber crooks are hacking CCTV cameras to form a massive botnet that can blow large websites off the Internet by launching Distributed Denial-of-service (DDoS) attacks. Researchers at Security firm Sucuri came across a botnet of over 25,000 CCTV cameras targeting business around the globe while defending a small jewelry shop against a DDoS attack . Al

Do you own a Smartwatch, Smart TV, Smart fridge, or any Internet-connected smart device? If your answer is yes, then you need to know the latest interest of the cyber criminals in the field of Internet of Things. Ransomware! After targeting hospitals, universities, and businesses, Ransomware has started popping up on Smart TV screens. A new version of the Frantic Locker (better known as FLocker ) Ransomware has now the ability to infect and lock down your Smart TVs until you pay up the ransom. Researchers at Trend Micro have discovered the updated version of FLocker that is capable of locking Android smartphones as well as Smart TVs . Originally launched in May 2015, the FLocker ransomware initially targeted Android smartphones with its developers constantly updating the ransomware and adding support for new Android system changes. Here's what the new version of FLocker does to your Android-powered Smart TVs: FLocker locks the device's screen. Displays a

The cyber attack vectors available to hackers will continue to grow as the Internet of Things (IoTs) become more commonplace, making valuable data accessible through an ever-widening selection of entry points. Although it's not the hackers alone, the NSA is also behind the Internet of Things. We already know the United States National Security Agency's (NSA) power to spy on American as well as foreign people – thanks to the revelations made by whistleblower Edward Snowden in 2013. But, now the agency is looking for new ways to collect even more data on foreign intelligence, and for this, the NSA is researching the possibilities of exploiting internet-connected biomedical devices ranging from thermostats to pacemakers. During a military technology conference in Washington D.C. on Friday, NSA deputy director Richard Ledgett said his agency officials are "looking at it sort of theoretically from a research point of view right now." Ledgett totally agreed o

Anything connected to the Internet could be hacked and so is the Internet of Things (IoTs) . The market fragmentation of IoTs or Internet-connected devices is a security nightmare, due to poor security measures implemented by their vendors. Now, the researchers at security firm ESET have discovered a piece of Malware that is targeting embedded devices such as routers, and other connected devices like gateways and wireless access points, rather than computers or smartphones. Dubbed KTN-Remastered or KTN-RM , the malware is a combination of both Tsunami (or Kaiten) as well as Gafgyt. Tsunami is a well-known IRC ( Internet Relay Chat ) bot used by miscreants for launching Distributed Denial of Service (DDoS) attacks while Gafgyt is used for Telnet scanning. KTN-RM, which researcher dubbed ' Remaiten ,' features an improved spreading mechanism by carrying downloader executable binaries for embedded platforms and other connected devices. How Does the

Do you know that your daily household items can be turned into deadly weapons? Yes, it's possible to convert some of your everyday household appliances into explosives, weapons or surveillance devices. DARPA – the agency which does research in various fields for improving the US Military and US Department of Defense capabilities – had announced a new project dubbed " Improv " to transform simple household appliances into deadly weapons i.e. homemade weapons. In previous years, various military grade weapons had been found malfunctioned by the ordinary household things that could cripple the military inventions. By various incidents happening around the Military grounds, officials observed that "how easily-accessed hardware, software, processes, and methods could be used to create products or systems that could pose a future threat." So, DARPA ( Defense Advanced Research Projects Agency ) proceeded with a program and is seeking proposals

More than a Billion of Android devices are at risk of a severe vulnerability in Qualcomm Snapdragon chip that could be exploited by any malicious application to gain root access on the device. Security experts at Trend Micro are warning Android users of some severe programming blunders in Qualcomm's kernel-level Snapdragon code that if exploited, can be used by attackers for gaining root access and taking full control of your device. Gaining root access on a device is a matter of concern, as it grants attackers access to admin level capabilities, allowing them to turn your device against you to snap your pictures, and snoop on your personal data including accounts' passwords, emails, messages and photos. The company's own website notes that Qualcomm Snapdragon SoCs (systems on a chip) power more than a Billion smart devices, including many Internet of Things (IoTs) as of today. Thus, the issue puts many people at risk of being attacked. Although Google has pus

While celebrating its computer's fourth birthday, the Raspberry Pi Foundation has launched a brand new Raspberry Pi today. Great news for all Micro-computing fans – A new, powerful Raspberry Pi 3 Model B in town. Months after introducing just $5 Raspberry Pi Zero , Raspberry Pi Foundation has introduced its third major version of the Raspberry Pi, the successor of the Raspberry Pi 2 that was launched back in February last year. The Raspberry Pi is a highly simple computer that looks and feels very basic, but could be built into a number of geeky projects. Due to its low-cost appeal, the Raspberry Pi has become the most popular computer yet with 8 Million units already sold. Raspberry Pi 3 — Built-in Wi-Fi and Bluetooth Although previous versions of Raspberry Pi needed USB adapters to get Wi-Fi and Bluetooth connectivity, credit card-sized Raspberry Pi 3 Model B has built-in Wi-Fi and Bluetooth connectivity. The new version of the Pi supports 802.11n

The 21st century is witnessing a great change over in the daily life of folks with the advent of IoT devices that are capable of talking to each other without any human intervention. Yeah! Now you do not have to individually cascade an instruction to each of your home devices to accomplish a task. All have gone automated with the actuators and sensors which are infused into the home appliances. The fact is that your IoT devices would only comply within the family of same manufacturers. For example, if you have a Samsung smart refrigerator, and your wearable device is from Apple or any other vendors, then it couldn't sync as both are from different genres. No need to worry now! Zephyr: Future of IoTs The Linux Foundation has broken all the barriers of compatibility issues by releasing a Real-Time Operating System (RTOS) for Internet of Things devices , dubbed " Zephyr ". This OS enables connected devices to communicate with the same protocol.

If you are using a SimpliSafe wireless home alarm system to improve your home security smartly, just throw it up and buy a new one. It is useless. The so-called 'Smart' Technology, which is designed to make your Home Safer, is actually opening your house doors for hackers. The latest in this field is SimpliSafe Alarm . SimpliSafe wireless home alarm systems – used by more than 300,000 customers in the United States – are Hell Easy to Hack , allowing an attacker to easily gain full access to the alarm and disable the security system, facilitating unauthorized intrusions and thefts. …and the most interesting reality is: You Can Not Patch it! As the Internet of Things (IoT) is growing at a great pace, it continues to widen the attack surface at the same time. Just last month, a similar hack was discovered in Ring – a Smart doorbell that connects to the user's home WiFi network – that allowed researchers to hack WiFi password of the home user. How

The buzz around The Internet of Things (IoT) is growing, and it is growing at a great pace. Every day the technology industry tries to connect another household object to the Internet. One such internet-connected household device is a Smart Doorbell. Gone are the days when we have regular doorbells and need to open the door every time the doorbell rings to see who is around. However, with these Internet-connected Smart Doorbells, you get an alert on your smartphone app every time a visitor presses your doorbell and, in fact, you can also view who's in front of your door. Moreover, you can even communicate with them without ever opening the door. Isn't this amazing? Pretty much. But what if your doorbell Reveals your home's WiFi password ? Use Smart Doorbell to Hack WiFi Password Until now, we have seen how hackers and researchers discovered security holes in Smart Cars , Smart refrigerators , Smart kettles and Internet-connected Toys , raising

It is a common problem: Home Wireless Router's reach is terrible that the WiFi network even does not extend past the front door of the room. My house also has all kinds of Wi-Fi dead zones, but can we fix it? The answer is: YES . The problem will improve with a future, longer range version of Wi-Fi that uses low power consumption than current wireless technology and specifically targets at the internet of things (IoTs). Global certification network the WiFi Alliance has finally approved a new wireless technology standard called 802.11ah, nicknamed " HaLow ." HaLow: Long Range WiFi Wi-Fi HaLow has twice the range of conventional Wi-Fi and has the ability to penetrate walls that usually create blackspots in our homes. The Wi-Fi Alliance unveiled this latest WiFi technology at the Consumer Electronics Show (CES) in Las Vegas. Although currently used 802.11 Wi-Fi standards commonly operate in frequency bandwidths between 2.4GHz and 5GHz, the n

What's the coolest part of the Iron Man movies? The hyper-intelligent Artificial Intelligence that helps Tony Stark by doing data analysis, charging his armor, presenting information at crucial times and doing other business operations. That's right — we are talking about J.A.R.V.I.S. , Iron Man's personal assistant. We all dream of having one of its kinds, and even Facebook's Founder and CEO Mark Zuckerberg has ambitions to live more like Iron Man's superhero Tony Stark. While disclosing his 2016 resolution via a Facebook post on Sunday, Zuckerberg revealed that he is planning to build his own Artificial Intelligence to help him run his home and assist him at office — similar to Iron Man's digital butler Edwin Jarvis . "You can think of it kind of like Jarvis in Iron Man," Zuckerberg wrote in his Facebook post . "I'll start teaching it to understand my voice to control everything in our home — music, lights, tempe

Meet an all-new Hacker's Search Engine similar to Shodan – Censys . At the end of last month, security researchers from SEC Consult found that the lazy manufacturers of home routers and Internet of Things (IoT) devices have been re-using the same set of hard-coded cryptographic keys , leaving around 3 millions of IoT devices open to mass hijacking. But how did the researchers get this number? Researchers uncovered these devices with the help of Censys – a new search engine that daily scans the whole Internet for all the vulnerable devices. Censys Maintains Complete Database of Everything on The Internet Censys is similar to hacker's search engine Shodan , which is designed specifically to locate any devices that have been carelessly plugged into the Internet without much attempt at preventing unauthorized access. However, Censys employs a more advanced method to find vulnerabilities in the devices and make the Internet a safer place. Censys is a fre