A new report released today shows that distributed denial of service (DDoS) attacks have increased dramatically in the first two quarters of 2018 compared to 2017. The increase in attacks is being attributed to large scale botnets being created by attackers using insecure IoT devices.
CS Digest Section: Internet-of-Things
Half a Billion IoT Devices Vulnerable to DNS Rebinding Attacks
Armis, the cyber-security firm that discovered the BlueBorne vulnerabilities in the Bluetooth protocol, warns that nearly half a billion of today's "smart" devices are vulnerable to a decade-old attack known as DNS rebinding.
Researchers Hacked Amazon’s Alexa to Spy On Users, Again
A malicious proof-of-concept Amazon Echo Skill shows how attackers can abuse the Alexa virtual assistant to eavesdrop on consumers with smart devices – and automatically transcribe every word said.
https://threatpost.com/researchers-hacked-amazons-alexa-to-spy-on-users-again/131401/
Autosploit Marries Shodan, Metasploit, Puts IoT Devices at Risk
Autosploit, a new tool that basically couples Shodan and Metasploit, makes it easy for even amateurs to hack vulnerable IoT devices.
A New Way to Track Down Bugs Could Help Save IoT
On a clear day this summer, security researcher Ang Cui boarded a boat headed to a government biosafety facility off the northeastern tip of Long Island. Cui's security company, Red Balloon, will spend the next year studying how its Internet of Things threat-scanning tool performs on the building control systems of Plum Island Animal Disease Center. If
https://www.wired.com/story/a-new-way-to-track-down-bugs-could-help-save-iot/
Romanian hackers took over D.C. surveillance cameras just before presidential inauguration, federal prosecutors say
Romanian hackers took over two-thirds of the District’s outdoor surveillance cameras just before President Trump’s inauguration, according to a federal criminal complaint unsealed Thursday.
IOT is Insecure, Get Over it! Say Researchers
Noted security experts Charlie Miller and Chris Valasek said the Internet of Things can't be secure, but it can be tamed. Drawing from their car hacking experience, the two spent the morning contemplating the larger universe of IoT security and conceded that there will always be thousands of connected devices that will never be secure, and that industry
https://threatpost.com/iot-is-insecure-get-over-it-say-researchers/128826/
After Quietly Infecting a Million Devices, Reaper Botnet Set to be Worse Than Mirai
A little over a month ago, a sizable botnet of infected Internet of Things devices began appearing on the radar of security researchers. Now, just weeks later, it's on track to become one of the largest botnets recorded in recent years.
http://www.zdnet.com/article/reaper-botnet-could-be-worse-than-mirai-cyberattack/
Google Updates Home Mini to Address Major Privacy Bug
The smaller version of Google's Assistant-equipped smart speaker, unveiled earlier this month, apparently suffers from a bug that caused some units to record sounds at random times and transmit the audio to Google's servers. Google said Tuesday it issued a software update on Saturday to address the issue.
https://www.cnet.com/au/news/google-updates-home-mini-to-address-major-privacy-bug/
Hacking A $1500 ‘Smart Gun’ With $15 Magnets
I think we should stop going crazy over the smart things unless it's secure enough to be called SMART—from a toaster, security cameras, and routers to the computers and cars—everything is hackable. But the worst part comes in when these techs just require some cheap and easily available kinds of stuff to get compromised. Want example? It took just
