Archive for the ‘Senrio’ Category

Was the Devil’s Ivy Vulnerability a Dud? Don’t Count on It.

August 11th, 2017

In-brief: The Devil’s Ivy vulnerability in the open source gSOAP library is widespread and supposedly trivial to exploit. So why, one month later, haven’t we seen any attacks? Is Devil’s Ivy a dud? ‘Don’t count on it,’ security experts tell us. In July, the warnings were all about the so-called...

Read the whole entry... »

Related Stories

Posted in connected devices, Devil's Ivy, hardware, Internet of things, malware, password, Patching, Reports, Search engine, Senrio, Senrio (Xipiter), Shodan, software, Top Stories, vulnerabilities | Comments (0)

Bad Code Library Triggers Devil’s Ivy Vulnerability in Millions of IoT Devices

July 19th, 2017
Tens of millions of products ranging from airport surveillance cameras, sensors, networking equipment and IoT devices are vulnerable to a flaw that allows attacks to remotely gain control over devices or crash them.

Posted in adobe, Axis Cameras, Bad Code, Bitbucket, Cloud security, Genivia, GitHub, gSOAP, hacks, IBM, IoT, IoT hacks, Microsoft, NuGet Gallery, ONVIF Forum, privacy, Senrio, vulnerabilities, Web Security, Xerox | Comments (0)

TP-Link Fixes Code Execution Vulnerability in End-of-Life Routers

June 20th, 2017
Router manufacturer TP-Link recently fixed a vulnerability in a discontinued line of routers that if exploited could have been used to execute code on the device.

Posted in Ben Gurion University, blinking LED lights, code execution, Router Security, routers, Senrio, TP-Link, vulnerabilities | Comments (0)

Beyond the CES Hype: No Easy Fixes for Security and Privacy Woes

January 6th, 2017

In-brief:Security and privacy risks from connected devices are likely to persist, with no easy fix for what experts agree are widespread problems. The annual Consumer Electronics Show kicked off this week in Las Vegas – the show’s 50th year and bigger than ever. Some 3,800 companies are on hand, more than 100,000 attendees and 2.6 million square feet of exhibit space. Smart devices designed to be connected to the Internet of Things are all the rage again this year. Smart TVs and mobile phones are in abundance, of course, but there’s a dizzying array of other gear, too, ranging from a smart washer and dryer from Samsung to wearable technology to a concept car by Bosch that features face recognition and gesture control. But behind the glitz and excitement of new products, features and capabilities lurk serious security and privacy concerns that experts agree will not be easy to resolve. Among […]

Definitive Guide to DLP

Posted in CES, conferences, connected devices, Internet of things, Mobile, Mobile Threats, Online Trust Association, Senrio, Senrio (Xipiter), software, Top Stories | Comments (0)

D-Link Wi-Fi Camera Flaw Extends to 120 Products

July 7th, 2016
A software component that exposed D-Link Wi-Fi cameras to remote attacks is also used in more than 120 other products sold by the company.

Posted in D­Link DCS­930L Network Cloud Camera, d-link, networked camera, remotely exploitable, Senrio, Stephen Ridley disclosure, vulnerabilities, Wi-Fi camera | Comments (0)

Startup Senrio Sniffs Out Stealth IoT Devices on your Network

June 10th, 2016

In-brief: A new start-up, Senrio, unveiled its Sensor this week: a new security monitoring tool that can identify and monitor embedded devices connected to your network and spot anomalous or malicious behavior.  A couple of months back I was working on an intriguing story about a brand of network gear known as a remote power management (or “RPM”) device that was exhibiting some strange behavior. Specifically: there were reports that one specific type of RPM was sending spoofed and encrypted traffic to suspicious domains in China, Europe and elsewhere. The reports were a concern. RPM devices basically act as network-attached power outlets. Malicious actors who controlled one could, with a simple keystroke, shut the power off for whatever equipment was plugged into the RPM – a server in a data center, a medical device or a critical piece of industrial equipment. The possibilities were endless. The question remained: was this one case […]

Definitive Guide to DLP

Posted in automobile, connected devices, critical infrastructure, data privacy, embedded device, Enterprise, hardware, IDS IPS, Information Security, Internet of things, medical devices, Patching, pc, process controller, Remote Power Management, router, RTOS, Senrio, sensor, Top Stories, vulnerabilities | Comments (0)

Unpatched D-Link Wi-Fi Camera Flaw Remotely Exploitable

June 8th, 2016
D-Link's DCS­930L Wi-Fi camera is vulnerable to a stack overflow vulnerability that can be remotely exploited.

Posted in D­Link DCS­930L Network Cloud Camera, d-link, hacks, networked camera, Senrio, stack overflow, Stephen Ridley, vulnerabilities, Web Security, Wi-Fi camera | Comments (0)