Hundreds of thousands of individuals are potentially affected by this vulnerability. A vulnerability affecting multiple baby monitors could allow someone to drop in and view a camera’s video stream, according to researchers. Potentially hundreds of thousands of live devices are impacted, they said. The issue exists in the manufacturers’ implementation . . . Read more
A researcher hacked Nespresso Pro smart cards to dispense free, unlimited coffee. Researchers have demonstrated how to outsmart Nespresso Pro machines that use certain smart cards, hacking them to dispense coffee on-demand. Nespresso produces a range of coffees and machines for personal and professional use. Some of the commercial machines . . . Read more
Researchers publicly disclosed flaws in ADT’s LifeShield DIY HD Video Doorbell, which could have allowed local attackers to access credentials, video feeds and more.
If exploited, the most serious of these flaws could lead to a denial-of-service condition for Jetson products.
The “KindleDrip” attack would have allowed attackers to siphon money from unsuspecting victims. Three vulnerabilities in the Amazon Kindle e-reader would have allowed a remote attacker to execute code and run it as root – paving the way for siphoning money from unsuspecting users. Yogev Bar-On, researcher at Realmode Labs, . . . Read more
Medical-device security has long been a challenge, suffering the same uphill management battle that the entire sprawling mess of IoT gadgets has faced.
Expert panel awards dubious honors to 2021 Consumer Electronics Show’s biggest flops, including security and privacy failures. This year’s Consumer Electronics Show was hampered by the pandemic, but that didn’t stop an expert panel from convening to award this year’s dubious CES 2021 Worst in Show honors. Overall trends from . . . Read more
Insider threats are redefined in 2021, the work-from-home trend will continue define the threat landscape and mobile endpoints become the attack vector of choice, according 2021 forecasts. After shrinking in 2020, cybersecurity budgets in 2021 climb higher than pre-pandemic limits. Authentication, cloud data protection and application monitoring will top the . . . Read more
Stolen email credentials are being used to hijack home surveillance devices, such as Ring, to call police with a fake emergency, then watch the chaos unfold. Stolen email passwords are being used to hijack smart home security systems to “swat” unsuspecting users, the Federal Bureau of Investigation warned this week. . . . Read more
A look back at what was hot with readers — offering a snapshot of the security stories that were most top-of-mind for security professionals and consumers throughout the year. As 2020 draws to a close, it’s clear that work-from-home security, ransomware, COVID-19-themed social engineering and attacks by nation-states will go . . . Read more