Entries with tag security vulnerabilities.

Belkin Home Automation Vulnerability Uncovered

Security researchers asked consumers to stop using Belkin’s WeMo home automation products after finding various vulnerabilities in the items that attackers could use  to gain access to home networks, thermostats, or other connected devices. The line of products enable individuals to use their IOS and Android smartphones and computers to remotely control items including light switches, Web cams, motion sensors, and other home appliances. They were found to be exposing the password and cryptographic signing key used to ensure that firmware updates are valid, stated IOActive, a security firm. The US Computer Emergency Response Team issued a vulnerability note with five identified issues in the products. Belkin, in an 18 February 2014 statement, says it has fixed the vulnerabilities, which include updates to the API server, firmware, and application that could have possibly allowed the devices to be attacked. (Ars Technica)(eWeek)(IO Active)(Belkin) 

Cyberattacks against US Infrastructure Are Increasingly Likely

Security experts predict that new cyberattacks against US targets may hit important infrastructure elements rather than corporate networks or other IT assets. Hackers could focus on remotely-controlled and –monitored infrastructure systems originally constructed without security considerations such as those for street lights, building security, sewers, oil-transport pipelines, prison security. DARPA is identifying and mapping security vulnerabilities in these systems. National Public Radio reports that “close to 200 cyberattacks on critical infrastructure” were reported to the US Department of Homeland Security in the past year. The Presidential Policy Directive on Critical Infrastructure Security and Resilience, released 12 February, is designed to address such incidents, but critics say more definitive action is necessary. (NPR)(Politico)(International Affairs Review)

Showing 2 results.