IoT Security Links

A curated list of links to IoT Security news and helpful user advice.

Courtesy of FranksMicro LLC in Columbus, Ohio.

VPN Comparison
That One Privacy Guy

Non-profit site provides details and comparisons for just about every available commercial VPN. Very detailed.

2FA is being pushed out to all Google Nest users to better protect their accounts
Bitdefender February 12, 2020

Google is recommending specific actions for owners of its Nest thermostat and related products to increase security.

U.S. Department of Interior Grounding All Drones
Schneier on Security January 31, 2020

Concern is that Chinese-made drones may be sending images, video, and flight records to servers in Beijing when they are connected to local PC network to download data.

Researchers find potentially life-threatening flaws in seven GE Healthcare products
Bitdefender January 27, 2020

Attackers can take advantage of the flaws, plus some expected misconfigurations, to take over monitors and/or telemetry aggregation servers, exfiltrate data, and even silence alerts.

Hacker leaks passwords for more than 500,000 servers, routers, and IoT devices
ZDNet January 19, 2020

Factory default and easy-to-guess passwords are the culprit in this incident.

Consumer Reports warns IoT camera makers to improve their security
IoT News January 15, 2020

In response to multiple reports of hacks and unauthorized access of smart cameras and doorbells, Consumer Reports sent a letter to 25 manufacturers of IoT cameras requesting information on the security steps being taken to prevent hacks and unauthorized access.

Google shuts down Xiaomi access to Assistant following Nest Hub picking up strangers' camera feeds
Android Police January 6, 2020

Bug in Xiaomi app shows images from random users homes. This is an example of how personal information can be exposed even if the user follows security guidelines perfectly and there are no hackers.

IoT vendor Wyze confirms server leak
ZDNet December 29, 2019

Server leak exposed the details of roughly 2.4 million IoT device customers.

ToTok Is an Emirati Spying Tool
Schneier on Security December 24, 2019

Smart phone messaging app spies on you by recording message content and GPS location.

Ring cam credentials leaked on the web
Bitdefender Dec 11, 2019

Security researcher finds log-in credentials for 3,672 Ring camera owners on a text storage site.

Hateful Hacking: Family Berated With Racial Slurs Via Ring Camera
KGET News Bakersfield, CA Dec 11, 2019

Video of hackers engaging a Florida family with racial insults using a hacked Ring camera. Interview with family, and with a tech expert who briefly discusses countermeasures.

Kids’ karaoke machines and smart toys from Mattel and Vtech among those found to have security flaws
Which? December 10, 2019

Report by a UK consumer group on security vulnerabilities of some popular toys. Includes general security advice and a link to a security safety checklist to use when shopping for toys.

Family says hackers accessed a Ring camera in their 8-year-old daughter’s room
WMC News 5 Memphis, TN Dec 10, 2019

Video of hackers engaging 8-year-old girl using a hacked Ring camera. Brief interview with girl and mother.

FBI Warns That Your New Smart TV Could Be Used to Spy on You
Futurism Magazine December 2, 2019

Discusses how manufacturers, as well as hackers, can use smart TVs to compromise user's privacy, and mentions a few countermeasures.

Mirai goes Enterprise
Kaspersky Daily March 19, 2019

Discusses how a new strain of Mirai (the botnet of hijacked Iot devices that created a massive US East Coast internet outage in late 2016) is again attacking IoT devices. List of targeted devices, and some advice on how to protect these devices.

The Mirai botnet explained: How teen scammers and CCTV cameras almost brought down the internet
CSO March 9, 2018

Describes how unsecured IoT devices were hijacked to create a massive US East Coast internet outage in late 2016.