#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

The Internet of Things | Breaking Cybersecurity News | The Hacker News

Microsoft built its own custom Linux OS to secure IoT devices

Microsoft built its own custom Linux OS to secure IoT devices

Apr 17, 2018
Finally, it's happening. Microsoft has built its own custom Linux kernel to power " Azure Sphere ," a newly launched technology that aims to better secure billions of " Internet of things " devices by combining the custom Linux kernel with new chip design, and its cloud security service. Project Azure Sphere focuses on protecting microcontroller-based IoT devices, including smart appliances, connected toys, and other smart gadgets, Microsoft announced during the security-focused RSA Conference in San Francisco Monday. It is basically a security package consists of three main components: Azure Sphere-certified microcontrollers (MCUs) Azure Sphere OS Azure Sphere Security Service "Azure Sphere provides security that starts in the hardware and extends to the cloud, delivering holistic security that protects, detects, and responds to threats—so they're always prepared," Microsoft said. Internet of Things (IoT) devices are 'ridicu
Cracking WiFi Passwords By Hacking into Smart Kettles

Cracking WiFi Passwords By Hacking into Smart Kettles

Oct 21, 2015
Hackers have come after your phone, your computer, and your car . Now hackers are coming after your home refrigerators, Smart TVs , and eventually KETTLES . Yes, your kettle turns out good for more than just heating up water or making coffee for you– they are potentially a good way for hackers to breach your wireless network. Also Read:   How to Weaponize your Cat to Hack Neighbours' Wi-Fi Passwords . Ken Munro, a security researcher at PenTest Partners, has managed to hack into an insecure iKettle , which was proclaimed " the world's first WiFi kettle " by its developers, and stolen a home's Wi-Fi password. Besides boiling water, the iKettle can connect to a user's home WiFi network. It also comes inbuilt with an Android and iOS app that allows the user to switch on the kettle and boil the water from other location. However, the biggest security flaw resides in the Android iKettle app that keeps the kettle's password as the defa
How to Find and Fix Risky Sharing in Google Drive

How to Find and Fix Risky Sharing in Google Drive

Mar 06, 2024Data Security / Cloud Security
Every Google Workspace administrator knows how quickly Google Drive becomes a messy sprawl of loosely shared confidential information. This isn't anyone's fault; it's inevitable as your productivity suite is purposefully designed to enable real-time collaboration – both internally and externally.  For Security & Risk Management teams, the untenable risk of any Google Drive footprint lies in the toxic combinations of sensitive data, excessive permissions, and improper sharing. However, it can be challenging to differentiate between typical business practices and potential risks without fully understanding the context and intent.  Material Security, a company renowned for its innovative method of protecting sensitive data within employee mailboxes, has recently launched  Data Protection for Google Drive  to safeguard the sprawl of confidential information scattered throughout Google Drive with a powerful discovery and remediation toolkit. How Material Security helps organ
w00t! Google OnHub Router actually Runs on Chrome OS; Here's How to Root it

w00t! Google OnHub Router actually Runs on Chrome OS; Here's How to Root it

Oct 12, 2015
Are you intrigued with the idea of disassembling things and making them work your ways? Then you'll find this coverage to be one of its kind! Google OnHub Router runs ChromiumOS ( Chrome OS ), the same Linux-based operating system that powers Google Chromebook laptops and desktops. Yeah, It's True. A Group of researchers has revealed that Google OnHub Router is actually a modified Chromebook in Cylindrical form and without screen. OnHub is a modern dual-band wireless router, designed by Google and TP-Link, operates networks on both the 2.4GHz & 5GHz frequency bands simultaneously and offers the speed of up to 1900 Mbps. Unlike traditional Broadband Routers, Google OnHub is designed to support " The Internet of Things " as well as other Smart devices, including Smartphones, Connected TVs and Computers. A Team of Modders at Exploitee.rs , also famous as GTVHacker , have successfully managed to root Google OnHub device, in the same way, they
cyber security

Uncover Critical Gaps in 7 Core Areas of Your Cybersecurity Program

websiteArmor PointCyber Security / Assessment
Turn potential vulnerabilities into strengths. Start evaluating your defenses today. Download the Checklist.
Raspberry Pi 2 — $35 Computer with Quad-Core Processor and it runs Free Windows 10

Raspberry Pi 2 — $35 Computer with Quad-Core Processor and it runs Free Windows 10

Feb 02, 2015
Earlier today, when Raspberry Pi Foundation unveiled the second avatar of its mini computer, the tech giant Microsoft revealed that Windows 10 operating system will support the Raspberry Pi 2 for the development of smart devices and appliances. Really a great news for all Micro-computing fans – a new, powerful Raspberry Pi 2 Model B in town. However, Microsoft added another reason to celebrate it – the new model of  Raspberry Pi 2  runs Windows 10 . The all-new and powerful version of Raspberry Pi 2 brings a host of new hardware, including a Broadcom 900MHz quad-core ARM Cortex-A7 processor and 1GB of RAM . Raspberry Pi Foundation says that these upgrades make the Pi 2 Model B a much more powerful computer which costs $35 only. Raspberry Pi 2 have six times the processing power of Model B+ . Also, its quad-core chip and twice the amount of main memory will support more intensive processing tasks, which means the device can do almost everything a normal PC can, such as
Hacking Traffic Lights is Amazingly Really Easy

Hacking Traffic Lights is Amazingly Really Easy

Aug 21, 2014
Hacking Internet of Things (IoTs) have become an amazing practice for cyber criminals out there, but messing with Traffic lights would be something more crazy for them. The hacking scenes in hollywood movies has just been a source of entertainment for the technology industry, like we've seen traffic lights hacked in Die Hard and The Italian Job , but these movies always inspire hackers to perform similar hacking attacks in day-to-day life. Security researchers at the University of Michigan have not only hacked traffic light signals in real life, but also claimed that it's actually shockingly easy to perform by anyone with a laptop and the right kind of radio. If we compare the traffic light hacks in movies and real life, the reality is much easier. In a paper study published this month, the security researchers describe how a series of major security vulnerabilities in traffic light systems allowed them to very easily and very quickly seized control of the whole system of at
Web-based DropCam Surveillance Systems Vulnerable to Hackers

Web-based DropCam Surveillance Systems Vulnerable to Hackers

Jul 15, 2014
The popular home surveillance webcam service DropCam that keep an eye on your house when you aren't there, can be used as a weapon against you by the cybercriminals, claimed a pair of researchers. San Francisco-based DropCam, last month announced it would be acquired by Google's Nest for $555 million in cash, makes home-monitoring cameras for the past five years, which allow users to keep track of what's going on inside their homes using a small surveillance camera. Two researchers named Patrick Wardle and Colby Moore of Synack who discovered the weakness in the Wi-Fi enabled video monitoring system, which they will demonstrate at the DEFCON 22 Hacker Conference in Las Vegas next month. This WiFi-enabled security camera, that comes for $149 or $199, depending on video quality, requires little-to-no-effort to maintain. You plug it in, get it up on your WiFi, and all is set. If you want to check in on your cameras remotely, it cost you nothing, and if you want DropCam
Smart LED Lightbulbs Can be Hacked too; Vulnerability exposes Wi-Fi Passwords

Smart LED Lightbulbs Can be Hacked too; Vulnerability exposes Wi-Fi Passwords

Jul 08, 2014
Until now, we have seen how different smart home appliances such as refrigerators, TVs and routers could expose our private data, but now you can add another worry to your list —LED light bulb. Don't laugh! It's true. Researchers at UK security firm Context have formulated an attack against the Wi-Fi connected lightbulbs, which is available to buy in the UK, that exposes credentials of the Wi-Fi network, it relies on to operate, to anyone in accessibility to one of the LED devices. Security vulnerabilities found in the LIFX Smart light bulbs , that can be controlled by the iOS-based and Android-based devices, could allow an attacker to gain access to a "master bulb" and with the help of that they could control all connected bulbs across that network, and help them expose user network configurations. Along with other Internet of Things (IoTs) devices, the smart bulbs are part of a rising trend in which the manufacturers enclose computing and networking capabilities to their devices s
Desktop Viruses Coming to Your TV and Connected Home Appliances

Desktop Viruses Coming to Your TV and Connected Home Appliances

Apr 23, 2014
Smart Devices are growing at an exponential rate and so are the threats to them. After your Computers, Servers, Routers , Mobiles and Tablets, now hackers are targeting your Smart TVs, warns Eugene Kaspersky the co-founder and chief executive of Kaspersky Lab. As the increase in the manufactures of Smart TVs by different companies, it could be estimated that by 2016, over 100 million TVs are expected to be connected to the Internet and in the time it may rise as a profitable fruit for the malware authors and cyber criminals to exploit these devices. The 48 year-old Eugene Kaspersky , one of the world's top technology security experts, has thrown light on the future of Computer Security and warned that  Internet of Things (IoT) such as TVs, Refrigerators, Microwave or dishwashers will necessarily bring undesirable cyber threats to your home environment, because any device connected to the Internet is vulnerable and can be infected. " The threats will dive
Free Microsoft Windows for the Internet of Things and Mobile Devices

Free Microsoft Windows for the Internet of Things and Mobile Devices

Apr 07, 2014
Tomorrow, 8th April could be a sad day for all those who are still using Windows XP, as it is an official assassination day of it, but there is also a good news that Microsoft is going to stop charging for its Windows Operating System on on the devices with screens smaller than nine inches. Yes, Free a Windows OS for the  Internet of Things (IoTs) ,  such as Mobile Devices, Smart thermostats, Smart TVs, wearable devices etc., that was announced by Microsoft at Build 2014 conference on Wednesday. " To accelerate the creation of great mobile devices running Windows and grow our number of users, we announced today that Windows will be available for $0 to hardware partners for Windows Phones and tablets smaller than 9" in size, " said Terry Myerson, executive vice president, OS Group at Microsoft and he also added that it will include a one-year subscription to Office 365. FREE, BUT NOT OPEN SOURCE Free Windows , means the manufacturers of small tablets, phones and any o
Philips Smart TVs vulnerable to Screen Hijack and Cookie Theft

Philips Smart TVs vulnerable to Screen Hijack and Cookie Theft

Mar 29, 2014
Previous articles on The Hacker News have highlighted that How Internet of Things (IoT) opens your home to cyber threats. Recently the security researchers from vulnerability research firm  ReVuln  published a video demonstration shows that Philips Smart TV is prone to cyber attacks by hackers. According to the researchers, some versions of Philips Smart TV with latest firmware update are wide open to hackers and also vulnerable to cookie theft. The fault is in a feature called Miracast , that allows TVs to act as a WiFi access point with a hard-coded password 'Miracast,' and allows devices nearby within the range to connect the device for receiving the screen output. " The main problem is that Miracast uses a fixed password, doesn't show a PIN number to insert and, moreover, doesn't ask permission to allow the incoming connection, " Luigi Auriemma, CEO and security researcher at ReVuln, told SCMagazine . The vulnerability allows an attacker within the device'
Linux Worm targets Internet-enabled Home appliances to Mine Cryptocurrencies

Linux Worm targets Internet-enabled Home appliances to Mine Cryptocurrencies

Mar 20, 2014
Could a perfectly innocent looking device like router, TV set-top box or security cameras can mine Bitcoins? YES! Hackers will not going to spare the Smart Internet-enabled devices. A Linux worm named Linux . Darlloz , earlier used to target Internet of Things (IoT) devices, i.e. Home Routers, Set-top boxes, Security Cameras, printers and Industrial control systems; now have been upgraded to mine Crypto Currencies like Bitcoin. Security Researcher at Antivirus firm Symantec spotted the Darlloz Linux worm back in November and they have spotted the latest variant of the worm in mid-January this year. Linux . Darlloz worm exploits a PHP vulnerability ( CVE-2012-1823 ) to propagate and is capable to infect devices those run Linux on Intel's x86 chip architecture and other embedded device architectures such as PPC, MIPS and MIPSEL. The latest variant of Linux . Darlloz equipped with an open source crypto currency mining tool called ' cpuminer ', could be use
Cisco Offers $300,000 Prize For 'Internet of Things' Security Apps

Cisco Offers $300,000 Prize For 'Internet of Things' Security Apps

Mar 03, 2014
In the last few years, this emerging domain for the  Internet of Things  has been attracting the significant interest, and will continue for the years to come. It would be a $20 Trillion Market over the next several years, but Security and privacy are the key issues for such applications, and still face some enormous challenges. Cisco has announced a global and industry-wide initiative to bring the Security community and Researchers together to contribute in securing the Internet of Things (IoT) and launched a contest called the " Internet of Things Grand Security Challenge ", offering prizes of up to $300,000  for winners. Since Smart devices are growing at an exponential pace with increase in connecting devices embedded in cars, retail systems, refrigerators, televisions and countless other things people use in everyday life and is expected to grow to 50 billion by 2020. So, in an effort to deliver the security solutions necessary to protect the increasing range of
100,000 Refrigerators and other home appliances hacked to perform cyber attack

100,000 Refrigerators and other home appliances hacked to perform cyber attack

Jan 18, 2014
Have you given shed to Zombies in your house? No???? May be you have no idea about it. After Computers, Servers, Routers, Mobiles, Tablets…. Now its turn of your home appliances to be a weapon or a victim of cyber war. Recently Security Researchers from Proofpoint  found more than 100,000 Smart TVs, Refrigerator, and other smart household appliances compromised by hackers to send out 750,000 malicious spam emails. As the ' Internet of Things ' becoming smart and popular it became an easy weapon for cyber criminals to launch large scale of cyber attacks. " The attack that Proofpoint observed and profiled occurred between December 23, 2013 and January 6, 2014, and featured waves of malicious email, typically sent in bursts of 100,000, three times per day, targeting Enterprises and individuals worldwide." Previously, such attacks were only drafted theoretically by researchers, but this is the first such proven attack involved smart household appliances that are used as ' thingB
Android based Cars may pose various Security and Privacy Issues

Android based Cars may pose various Security and Privacy Issues

Jan 07, 2014
After being an owner of Smartphones, now it's your turn to own a Smart Car. Wouldn't it sound great if you could use your favorite mobile apps on Car's dashboard display? Yes! You heard right.. Google has tied-up with several Auto manufacturers with the goal to bring Android to Cars with built-in controls and hardware by the end of this year. Google has announced at the CES technology trade show in Las Vegas, the Open Automotive Alliance (OAA) will achieve this with their partners i.e. General Motors, Honda, Audi, Hyundai and chipmaker Nvidia. This new project is designed to accelerate innovation in the Automotive sector, with the customized version of most popular mobile platform 'Android' for Cars, that will bring Google Places, Maps, Voice, Earth and developer support to cars. " This open development model and common platform will allow automakers to more easily bring cutting-edge technology to their drivers, and create new opportunities for developers to delive
Coca-Cola reserved 16 Million MAC addresses to race in The Internet of Things

Coca-Cola reserved 16 Million MAC addresses to race in The Internet of Things

Jan 06, 2014
Have you seen the Coca-Cola " Freestyle " soda fountain yet? Instead of levers for different sodas, you have got a touchscreen, interface like an iPad and with a Push button you can have 127 Flavors of sodas. There are more than 3,500 such machines are installed inside the world's Burger Kings and all of them are connected to the internet, so that Coca-Cola can track inventory and making stock decisions. Last week the developer of GNU MACChanger software, Alvaro Lopez Ortega found that Coca-Cola has reserved a huge block of MAC addresses, i.e. 16 Million. These could conceivably be used in the future for tagging physical devices, Freestyle Soda machines or vending machines. Media Access Control address, a hardware address that uniquely identifies each node of a network. Every piece of hardware on your local network has a MAC address in addition to the IP address assigned to it by the local router or a server. IEEE has a Registration Authority called OUI that manages th
Cybersecurity Resources