Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label Smart Devices. Show all posts
Threat Management
Cyber Security Home Security Smart Devices Threat Management

Here's How to Safeguard Your Smart Home Connected Devices

 

In a time where digital devices influence our daily lives, it is normal for households to have multiple smart home devices. Statistics show that each person owns at least three devices, with North Americans owning an average of nine. It is critical to understand that having a large number of devices and users on a single network could present serious issues. If a single device becomes infected, the entire network can be compromised. Certain measures must be taken to limit the implications and reduce the likelihood of cyberattacks. 

Here are three essential cybersecurity tips for securing smart home devices and safeguarding your network. 

Update software: It's critical for security that you keep the firmware and software on your smart devices updated. Updates are released by manufacturers to address vulnerabilities, fix issues, and occasionally add new features. If you don't update your devices, hackers may be able to take advantage of known vulnerabilities on them. 

Automatic update features are available on many devices; if they are, you should activate them. Without the need for human interaction, automatic updates make sure that your devices get the most recent security fixes as soon as they are made available. Updates can also improve your devices' general operation and performance, making them more dependable, efficient, and safe. 

Change default password: Devices from manufacturers typically come with default credentials that are public knowledge and easy to get hold of. Because these default passwords—like "admin" or "password123"—are often weak and predictable, brute-force assaults target them frequently. Thus, the first step is to make sure you secure the security of your smart gadgets and change them. 

A password manager may be useful for generating and storing complex passwords, making sure that each device has a unique password. Furthermore, ensure that you periodically update your passwords and avoid reusing old ones. 

Monitor devices: Regular monitoring of your connected smart devices is critical for detecting any strange or unauthorised behaviour early. Use network monitoring software to keep track of any devices that are linked to your home network. Applications such as Fing or built-in router tools can give you insight into your network. 

Make sure you set up alerts for new device connections and suspicious activity. Many modern routers include this feature, which notifies you of any new devices joining your network. This allows you to quickly discover and address any unwanted connections.
Read more »
User Security
Data Safety IoT devices Smart Devices Technology User Security

Three Ways Smart Devices Can Compromise Your Privacy

 

Any gadget that has an internet connection and can be operated by a computer or smartphone is considered a smart device. Home appliances, security cameras, thermostats, doorbells, lighting systems, and other networked gadgets are examples of such devices. 

Smart devices are becoming more prevalent due to the comfort they provide. However, with this ease comes a higher risk to your privacy. 

When people talk about smart gadgets, they are referring to the internet of things (IoT) and its ability to connect all of your devices together. This means that all of the data generated by each device can be viewed and shared with other connected devices, potentially exposing sensitive information about you and your home life. Here are three ways that smart devices might jeopardise your privacy. 

Location tracking 

Many smart devices track and save users' whereabouts, allowing detailed profiles of their behaviours to be created. Without the user's knowledge or consent, this data can then be sold to third parties. 

With smart devices like fitness trackers and smartphones, this has become a serious issue. If you're not careful, your smartphone may be sharing more information than you realise. You may believe that you have control over the data it collects, but this is not always the case. 

Insecure Wi-Fi 

Wi-Fi is used by many smart gadgets to connect to the internet. This means that if adequate safety measures are not in place, it may be vulnerable to hackers. Hackers can gain access to your device, look into sensitive data like passwords, and even take control of it. 

Hackers have been known to hijack smart devices via Wi-Fi connections and use them to launch cyber-attacks. This is especially important if you travel with smart gadgets such as phones or laptops, as they may connect to unsecured Wi-Fi networks. 

Webcam vulnerabilities 

Smart devices frequently include built-in cameras and microphones that can be hacked to gain access to the user's audio and video records. This has been a major problem in recent years, with cases of "webcam hacking" growing steadily. 

People are increasingly installing cameras in their doorbells, baby monitors, and even televisions. All of these can be hacked into if the user does not take proper safety measures. For example, in some cases, hackers have taken over security cameras and utilised them to spy on unsuspecting individuals in their homes. This is an extreme example of a privacy infringement that can be avoided with adequate safety measures. 

Bottom line 

Smart devices can be a wonderful addition to the home, but you must be aware of the risks that they involve. They can violate your privacy in a variety of ways, including  targeted attacks, location tracking, real-time recording, and so on. 

Furthermore, flaws in your connectivity solution can expose your devices, data, and family or customers to cyber-attacks. Understanding the threats and implementing the required security measures will help you secure your privacy. Early intrusion detection is the most successful method of preventing cyber-attacks, and this is still true in the Internet of Things era.
Read more »
Vulnerabilities
connected gadgets Cyber Security Cyber Threats Data Privacy IoT Network Security Remote Work Risks Smart Devices Vulnerabilities

Unveiling the Unseen Cybersecurity Threats Posed by Smart Devices

 

The number of smart devices worldwide has surpassed the global population, with a continuous upward trend, particularly amidst remote and hybrid work settings. Ranjit Atwal, Gartner's senior research director, attributes this surge to the increase in remote work. As work mobility grows, the demand for connected devices like 4G/5G laptops rises, crucial for employees to work from anywhere.

Smart devices encompass gadgets connecting to the internet, like smart bulbs, speakers (e.g., Amazon's Alexa), and wearables such as the Apple Watch. They collect data, enhancing user experience but also pose security risks exploited by cybercriminals. Surprisingly, consumers often overlook security when purchasing smart devices, as shown by Blackberry's research.

In response, the European Union proposed the "Cyber Resilience Act" to enforce cybersecurity standards for all connected devices. Failure to comply may result in hefty fines. Margrethe Vestager from the European Commission emphasizes the need for market products to meet robust cybersecurity measures, likening it to trusting CE-marked toys or fridges.

Security vulnerabilities in smart devices pose threats, as seen in TP-Link's smart lightbulb. Exploiting these vulnerabilities could grant hackers access to networks, risking data and enabling potential malware deployment. Even smart homes face numerous entry points for hackers, as illustrated by investigations conducted by Which?, showcasing thousands of hacking attempts in a week.

Mirai botnet targets smart devices, using brute-force attacks to gain access via weak passwords. In a concerning case, a Google Home speaker was turned into a wiretap due to vulnerabilities, highlighting the potential risks associated with unsecured devices.

Securing home networks becomes paramount. Strategies include:

1. Purposeful Device Selection: Opt for devices that suit your needs, avoiding unnecessary interconnected gadgets.
2. Router Security: Update router settings, change default passwords, and enable automatic firmware updates.
3. Password Management:Use password managers to create strong and unique passwords for each account.
4. Multi-Factor Authentication (MFA): Employ MFA to add layers of verification during logins.
5. Wi-Fi Network Segmentation: Create separate networks for different devices to isolate potential threats.
6. Virtual Private Networks (VPNs):Invest in VPNs to encrypt online activities and protect against cyber threats on unsecured networks.

Implementing these measures strengthens overall cybersecurity, safeguarding personal data and devices from potential breaches and threats.
Read more »
Vulnerabilites and Exploits.
CISA Home Security Malicious actor Patch Fix Smart Devices Software Vulnerabilites and Exploits.

Nexx Garage Door Cyber Vulnerabilities: Risks in Smart Home Security

Smart home devices have become increasingly popular in recent years, promising convenience, efficiency, and security. However, recent cyber security vulnerabilities in the Nexx Garage Door Opener have highlighted the risks of relying too heavily on technology without considering the potential consequences.

The Nexx Garage Door Opener is a smart home device that allows homeowners to open and close their garage doors remotely using their smartphones. However, security researchers have discovered that the device is vulnerable to hacking, allowing unauthorized access to the garage and potentially the entire home network.

According to a report by Bleeping Computer, hackers can easily exploit the vulnerabilities in the device's software and gain access to the device's firmware, allowing them to take control of the device remotely. There is currently no fix for this vulnerability, leaving homeowners vulnerable to potential cyber-attacks.

This is not the first time the Nexx Garage Door Opener has been found to be vulnerable to cyber-attacks. In 2019, security researchers discovered that the device was susceptible to a brute force attack, allowing hackers to access the garage door opener by guessing the password. The manufacturer released a patch to fix the vulnerability, but the recent discovery of the new vulnerability suggests that more work needs to be done to improve the security of smart home devices.

The vulnerability in the Nexx Garage Door Opener is just one example of the risks associated with smart home devices. As more and more devices are connected to the internet, the risk of cyber-attacks increases. The Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory warning about the vulnerability and urged users to take immediate action to secure their devices.

In light of these vulnerabilities, it is crucial for homeowners to take a proactive approach to smart home security. This includes choosing devices from reputable manufacturers, keeping software and firmware up to date, and regularly changing passwords. Additionally, it is essential to monitor devices for any suspicious activity and be aware of the potential risks associated with using smart home devices.

In conclusion, the Nexx Garage Door Opener cyber vulnerabilities are a stark reminder of the importance of cyber security in smart homes. While the convenience and efficiency of smart home devices are appealing, it is essential to take precautions to protect against potential cyber-attacks. Homeowners must be proactive in their approach to smart home security, and manufacturers must take responsibility for improving the security of their devices.

Read more »
smartwatch
Bluetooth Cyber Crime Darknet Data Theft ESET Personal Data Russia Smart Devices smartwatch

ESET: Criminals will be Able to Steal Personal Data Using Smartwatches

 

ESET analysts reported that cybercriminals can use smartwatches to steal personal data and warned Russians about the main dangers associated with this gadget. 

"According to our estimates, the market for smartwatches and fitness trackers will grow by 12.5 percent annually and will exceed $118 billion by 2028. Such indicators cannot but attract scammers. Therefore, it is worth understanding in advance the security and privacy risks associated with this," the ESET study says. 

The threat of data interception is due to the fact that many smartwatches and fitness trackers are synchronized with the owners' smartphones, including some applications such as e-mail or messengers. Thus, attackers can hijack both devices, which threatens, in particular, the loss of passwords. ESET further warns that the stolen personal data can then be sold on the darknet. 

Another serious risk for a cybercriminal's victim is tracking the GeoPosition of the device. Such data allows hackers to draw up a detailed diagram of the user's movements in order to attack his home or car. "The safety of children's smartwatches, which can be monitored by outsiders, is even more worrying," ESET states. Speaking about the specific vulnerabilities of smart fitness trackers, cyber specialists pay attention to Bluetooth technology, in which "numerous vulnerabilities have been discovered over the years," weak software of gadgets and paired smartphone applications that may contain coding errors. 

According to ESET analysts, risks can be reduced via the use of two-factor authentication, the use of a strong password to lock the screen, as well as a ban on external connections to smartwatches will also prevent threat. 


Data can be leaked both via the Internet and via Bluetooth a critical Bluetooth vulnerabilities allow executing arbitrary malicious code on the device and gaining full control over the device's system, as well as carrying out a man-in-the-middle attack (MiTM), which leads to the unauthorized interception of user data.
Read more »
Technology
Android Softwares Multinational tech giants Russia Smart Devices Technology

Russian Law Requires Smart Devices To Come Pre-Installed With Domestic Software

Russia is taking security measures against technology that can hurt big tech companies in the region. In light of new laws, every smart device such as TVs, computers, smartphones, and tablets that will be purchased in Russia from now it is mandatory for it to come with pre-installed Russian-domestic software in the device. The new law is deciphered as an attempt by the government to shut down online freedom but the government officials are stating that this initiative has been introduced to promote home tech firms and to help Russian home tech companies to compete with foreign counterparts. 

The two Russian tech giants such as Yandex and Mail.ru. will be providing the pre-installed software in smart devices. 

“The law applies from Thursday to all devices and the Company said that it would offer apps from Russian developers to users activating phones but that all apps were checked to make sure they meet Apple's own privacy and security policies", Reuters said. 

In other words, it means that clients will be able to choose Russian-domestic software and apps over multinational companies’ software when setting up their smart devices. Additionally, on Twitter an iOS developer – Tian Zhang has shared a video of the new setup process on Thursday. 

Now a screen in the setup reads, "In compliance with Russian legal requirements, continue to view available apps to download." Tapping "continue" redirect the user to a list of Russian-domestic software and apps, including several from the search giant Yandex. 

Intelligence is saying that Russia is trying to compete with the US tech giants in the country and simultaneously trying to strengthen its reliance on its government-controlled "sovereign internet." 

It is about the last month when the Russian government slowed down Twitter in the response to Twitter's refusal to remove the banned content from the platform, but that ended up blocking several domains, including the Kremlin's website.
Read more »
Technology
data steal Smart Devices Spoofing Attack Technology

CSIRO's Data61 Developed Voice Liveness Detection 'Void' to Safeguard Users Against Voice Spoofing Attacks


Spoofing attacks that impersonate user's devices to steal data, spread malware, or bypass access controls are becoming increasingly popular as the threat actors expand their horizon with the improvisation of various types of spoofing attacks. Especially, voice spoofing attacks that have been on a rise as more and more voice technologies are being equipped to send messages, navigate through smart home devices, shop online, or to make use of net banking.

In a joint effort for the aforementioned concern, Samsung Research and South Korea's Sungkyunwan University and Commonwealth Scientific and Industrial Research Organisation's (CSIRO) Data61, came up with 'the voice liveness detection' (Void) to keep users safe against voice spoofing attacks.

In order to detect the liveness of a voice, Void gains insights from a visual representation of the spectrum of frequencies known as 'spectrograms' – it makes the functionality of void a little less complex compared to other voice spoofing methods that rely on deep learning models, as per Data61.

How Void helps in detecting hackers spoofing a system? 

The void can be inserted in consumers' voice assistance software or smartphones in order to spot the difference between 'a voice replayed using a speaker' and 'a live human voice', by doing so it can easily identify when a cybercriminal attempts to spoof a user's system.

While giving further related insights, Muhammad Ejaz Ahmed, a cybersecurity research scientist at Data61, told, “Although voice spoofing is known as one of the easiest attacks to perform as it simply involves a recording of the victim’s voice, it is incredibly difficult to detect because the recorded voice has similar characteristics to the victim’s live voice,” he said.

“Void is a game-changing technology that allows for more efficient and accurate detection helping to prevent people’s voice commands from being misused.”
Read more »
User Security
Amazon Echo Google Smart Speakers Smart Devices Technology Technology News User Security

'Paranoid' Blocks your Smart Speakers from Spying on you


Smart speakers have proven to be one of the most versatile gadgets of the era, the high-tech AI companions can do everything from playing music to ordering a meal with just the sound of your voice. They come with virtual assistants ready to answer all your queries, other features include reminding you of appointments, telling about the weather and news along with helping you to control your smart home devices.

Amazon's Echo and Google's Nest are two of the widely employed smart speakers. However, these devices also raise security concerns in regard to the voice captured by the speakers but in order to avail services of a voice assistant that as a matter of fact operates on voice commands, you can't block it from listening to your voice.

To make the experience easier and safer, a new device known as 'Paranoid' is made to enter the tech space, it is designed to block your Amazon Echo or Google Home smart speaker from listening to your voice until you say the word, "Paranoid" which is the device's wake word. After saying the word, the gizmo allows your smart speaker to listen.

Another thing to take notice of is the simplicity in the operations of Paranoid, it's extremely easy to use, it simply needs to be connected to the smart speaker in order to block it from spying upon you –meanwhile,  it still allows the speaker to be voice-activated. In order to activate it, all you have to do is to say "Paranoid" every time before you say "Okay, Google!" or "Alexa!"

The device comes in three different variants, The Home Button, Home Wave, and Home Max. It has no antenna, no SIM card slot, no Bluetooth, no Wi-Fi and no kind of wireless capability. As per its website, the makers claim that their device is "hack-proof".

The Home Button is the simplest model, it is placed on Amazon Echo's mute button and presses it manually. The second one, the Home Wave is designed to jam the microphones on your smart speakers and the most sophisticated one, the Home Max requires you to send your Amazon Echo or Google Home Devices to Paranoid headquarters stationed at Edmonton, Alberta. There, experts will attach your speaker's microphone cable to an external Paranoid device by cutting off the original cable. After the completion of the process, your smart speakers will be sent back to your address.

All the three models of Paranoid can be purchased from its official website; the original charges of the device and services are $49, however, as of now it will cost only $39.
Read more »
Subscribe to: Posts (Atom)