Monday, March 1, 2021
  • Setup menu at Appearance » Menus and assign menu to Top Bar Navigation
Advertisement
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
No Result
View All Result
Home Internet Security

Popular consumer and enterprise routers, IoT devices contain remote access vulnerabilities

September 16, 2019
in Internet Security
Popular consumer and enterprise routers, IoT devices contain remote access vulnerabilities
585
SHARES
3.3k
VIEWS
Share on FacebookShare on Twitter

Optimizing IoT for blueberry farms: A learning experience for Intel
ZDNet’s Stephanie Condon tells Karen Roby how Intel improved its Connected Logistics Platform after conducting a pilot project with blueberry farmers. Read more: https://zd.net/2LgiKZH

As our devices become smarter and Internet-connected, the potential attack surface for cyberattackers increases. 

You might also like

These four new hacking groups are targeting critical infrastructure, warns security company

Privacy Commissioner asks for clarity on minister’s powers in Critical Infrastructure Bill

TikTok agrees to pay $92 million to settle teen privacy class-action lawsuit

It is not possible for any machine or device with Internet connectivity to be 100 percent secure from exploit. Firmware, hardware, and connectivity protocol-based vulnerabilities which can be used to hijack devices and their functionality are discovered on a daily basis, and when it comes to Internet of Things (IoT) products, vendors are yet to fully introduce security at the heart of development. 

In 2013, research firm Independent Security Evaluators (ISE) published a study, SOHOpelessly Broken 1.0, which revealed a total of 52 vulnerabilities across 13 SOHO wireless routers and NAS devices offered by vendors including Belkin, TP-Link, Asus, and Linksys. 

See also: Hey Google: What we search for most in cybersecurity .. cyber security?

In a follow-up study, ISE says an examination of today’s popular routers and NAS products has resulted in over double the number of security problems and vulnerabilities being discovered in 13 IoT consumer and enterprise-grade devices, resulting in the submission of 125 CVEs. 

The cybersecurity researchers say in the SOHOpelessly Broken 2.0 report that it is likely “millions” of end-user devices are impacted by the findings. 

In 12 out of 13 cases, ISE managed to exploit the routers and NAS devices to obtain remote, root access. Vulnerabilities found included buffer overflow issues, cross-site scripting (XSS) errors, command injection security flaws, XSS request forgery, and SQL injection problems. 

CNET: Spotify wants to know where you live and will be checking in

According to the cybersecurity firm, each device evaluated included at least one vulnerability that could be exploited for remote shell access or to gain unauthorized access to administration panels. In total, six devices were susceptible to remote exploit without authentication. 

ISE contacted the impacted vendors with their vulnerability reports and proof-of-concept (PoC) code. The majority of companies contacted accepted the reports and three worked directly with ISE to mitigate the security issues. However, several vendors are yet to respond to the researcher’s findings. 

“Our results show that businesses and homes are still vulnerable to exploits that can result in significant damage,” says ISE researcher Rick Ramgattie. “These issues are completely unacceptable in any current web application. Today, security professionals and developers have the tools to detect and fix most of these types of issues which we found, exploited, and disclosed six years ago. Our research shows that they are still regularly found in IoT devices.”

TechRepublic: Cybercriminals set sights on bot attacks and mobile apps

The state of our IoT security does not seem to have improved whatsoever despite efforts to streamline vulnerability disclosure practices and the launch of bug bounty programs. 

Every week, new attack vectors against our connected devices are being developed. Trend Micro researchers recently found, for example, that underground forums are facilitating the discussion of ways to attack Internet-connected gas pumps and smart meters. 

Previous and related coverage


Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0


Credit: Zdnet

Previous Post

How Cloud-Based Automation Can Keep Business Operations Secure

Next Post

Global Machine Learning Courses Market 2019 Trending Technologies, Developments, Key Players and Forecast to 2024

Related Posts

These four new hacking groups are targeting critical infrastructure, warns security company
Internet Security

These four new hacking groups are targeting critical infrastructure, warns security company

February 28, 2021
Privacy Commissioner asks for clarity on minister’s powers in Critical Infrastructure Bill
Internet Security

Privacy Commissioner asks for clarity on minister’s powers in Critical Infrastructure Bill

February 28, 2021
TikTok agrees to pay $92 million to settle teen privacy class-action lawsuit
Internet Security

TikTok agrees to pay $92 million to settle teen privacy class-action lawsuit

February 28, 2021
Cybercrime groups are selling their hacking skills. Some countries are buying
Internet Security

Cybercrime groups are selling their hacking skills. Some countries are buying

February 28, 2021
Why would you ever trust Amazon’s Alexa after this?
Internet Security

Why would you ever trust Amazon’s Alexa after this?

February 28, 2021
Next Post
Global Machine Learning Courses Market 2019 Trending Technologies, Developments, Key Players and Forecast to 2024

Global Machine Learning Courses Market 2019 Trending Technologies, Developments, Key Players and Forecast to 2024

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

January 6, 2019
Microsoft, Google Use Artificial Intelligence to Fight Hackers

Microsoft, Google Use Artificial Intelligence to Fight Hackers

January 6, 2019

Categories

  • Artificial Intelligence
  • Big Data
  • Blockchain
  • Crypto News
  • Data Science
  • Digital Marketing
  • Internet Privacy
  • Internet Security
  • Learn to Code
  • Machine Learning
  • Marketing Technology
  • Neural Networks
  • Technology Companies

Don't miss it

The Future of AI in Insurance
Data Science

The Future of AI in Insurance

March 1, 2021
Machine Learning as a Service (MLaaS) Market Analysis Technological Innovation by Leading Industry Experts and Forecast to 2028 – The Daily Chronicle
Machine Learning

Machine Learning as a Service (MLaaS) Market Global Sales, Revenue, Price and Gross Margin Forecast To 2028 – The Bisouv Network

March 1, 2021
AI And Automation In HR: The Changing Scenario Of The Business
Data Science

AI And Automation In HR: The Changing Scenario Of The Business

February 28, 2021
Machine learning could aid mental health diagnoses: Study
Machine Learning

Machine learning could aid mental health diagnoses: Study

February 28, 2021
Python vs R! Which one should you choose for data Science
Data Science

Python vs R! Which one should you choose for data Science

February 28, 2021
Can Java be used for machine learning and data science?
Machine Learning

Can Java be used for machine learning and data science?

February 28, 2021
NikolaNews

NikolaNews.com is an online News Portal which aims to share news about blockchain, AI, Big Data, and Data Privacy and more!

What’s New Here?

  • The Future of AI in Insurance March 1, 2021
  • Machine Learning as a Service (MLaaS) Market Global Sales, Revenue, Price and Gross Margin Forecast To 2028 – The Bisouv Network March 1, 2021
  • AI And Automation In HR: The Changing Scenario Of The Business February 28, 2021
  • Machine learning could aid mental health diagnoses: Study February 28, 2021

Subscribe to get more!

© 2019 NikolaNews.com - Global Tech Updates

No Result
View All Result
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News

© 2019 NikolaNews.com - Global Tech Updates