Archive for the ‘Internet of things’ Category

Review: The June oven made me want a camera in every cooking device

December 22nd, 2018
June oven from the front.

Enlarge (credit: June Oven)

When my husband and I received a flashy, $250 Breville toaster oven for our wedding in 2014, we couldn't believe how awesome it was. It revolutionized the two-person meal in our household. We were freed from using the geriatric, unreliable oven that came with our apartment, and cookies, pizzas, and baked chicken dishes were now heated all the way through.

The best feature was the timer; you could pop a banana bread in there, set it for 40 minutes, and go walk the dog knowing that, when the 40 minutes ended, the Breville would shut off, and your food would slowly stop cooking. The Breville also broiled and roasted, too, so I could char peppers in the summer for salsa. Even four years after buying it, I've maintained that it's the best toaster oven out there.

Enter the June Oven. Ars heard about this Silicon-Valley marvel several months ago, and I was sent a review unit to test out. The appliance, which ships in February, is a $600 Internet-connected toaster oven that acts as a convection oven, toaster, air fryer, dehydrator, slow cooker, broiler, and warming drawer. (Although you'll need to buy June's Air Baskets separately to actually use the device as an air fryer or as a dehydrator, which will set you back another $50.) You can operate the June from the touch screen on the front or from the June app. Most importantly, there's a camera inside the oven, which totally changed the way I cook.

Read 44 remaining paragraphs | Comments

Posted in Cooking, Features, Internet of things, June toaster oven, reviews, Tech | Comments (0)

A 100,000-router botnet is feeding on a 5-year-old UPnP bug in Broadcom chips

November 12th, 2018
A 100,000-router botnet is feeding on a 5-year-old UPnP bug in Broadcom chips

Enlarge (credit: D-Link)

A recently discovered botnet has taken control of an eye-popping 100,000 home and small-office routers made from a range of manufacturers, mainly by exploiting a critical vulnerability that has remained unaddressed on infected devices more than five years after it came to light.

Researchers from Netlab 360, who reported the mass infection late last week, have dubbed the botnet BCMUPnP_Hunter. The name is a reference to a buggy implementation of the Universal Plug and Play protocol built into Broadcom chipsets used in vulnerable devices. An advisory released in January 2013 warned that the critical flaw affected routers from a raft of manufacturers, including Broadcom, Asus, Cisco, TP-Link, Zyxel, D-Link, Netgear, and US Robotics. The finding from Netlab 360 suggests that many vulnerable devices were allowed to run without ever being patched or locked down through other means.

Last week's report documents 116 different types of devices that make up the botnet from a diverse group of manufacturers. Once under the attackers' control, the routers connect to a variety of well-known email services. This is a strong indication that the infected devices are being used to send spam or other types of malicious mail.

Read 4 remaining paragraphs | Comments

Posted in Biz & IT, botnets, exploits, Internet of things, IoT, routers, universal plug and play, upnp, vulnerabilities | Comments (0)

Smart Devices Can Be Hijacked to Track Your Body Movements And Activities Remotely

August 20th, 2017

If your smartphones, tablets, smart refrigerators, smart TVs and other smart devices are smart enough to make your life easier, their smart behavior could also be leveraged by hackers to steal data, invade your privacy or spy on you, if not secured properly.

One such experiment has recently been performed by a team of student hackers, demonstrating a new attack method to turn smart devices

Posted in google tracking, hacking smart device, Hacking Smart TV, Internet of things, smart device, Smartphone, Technology News | Comments (0)

Unpatchable Flaw in Modern Cars Allows Hackers to Disable Safety Features

August 17th, 2017

Today, many automobiles companies are offering vehicles that run on the mostly drive-by-wire system, which means a majority of car’s functions—from instrument cluster to steering, brakes, and accelerator—are electronically controlled.

No doubt these auto-control systems make your driving experience much better, but at the same time, they also increase the risk of getting hacked.

Car Hacking

Posted in car hacking, hacking news, Internet of things, Smart Car Hacking, Vulnerability | Comments (0)

Five Billion Tests Later: IoT and Industrial Control System Protocols Raise Alarms

August 9th, 2017

In-brief: Close to five billion “fuzzing” tests conducted during 2016 reveal protocols used by industrial control systems, vehicles and Internet of Things devices to be weaker, on average, with many crashing hundreds of times and revealing vulnerabilities that could be used by malicious actors.  A study of 4.8 billion automated…

Read the whole entry… »

Related Stories

Posted in connected devices, critical infrastructure, fuzzing, Internet of things, protocol, published research, Reports, software, software development, supply chain, survey, Top Stories, trends, vulnerabilities | Comments (0)

Siemens, DHS warn of “low skill” exploits against CT and PET Scanners

August 4th, 2017

Enlarge (credit: University of Queensland)

The Department of Homeland Security’s Industrial Control System Computer Emergency Response Team (ICS-CERT) has issued an alert warning of four vulnerabilities in multiple medical molecular imaging systems from Siemens. All of these systems have publicly available exploits that could allow an attacker to execute code remotely—potentially damaging or compromising the safety of the systems. “An attacker with a low skill would be able to exploit these vulnerabilities,” ICS-CERT warned.

Siemens identified the vulnerabilities in a customer alert on July 26, warning that the vulnerabilities were highly critical—giving them a rating of 9.8 out of a possible 10 using the Common Vulnerability Scoring System. The systems affected include Siemens CT, PET, and SPECT scanners and medical imaging workflow systems based on Windows 7.

One of the vulnerabilities is in the built-in Window Web server running on the systems. “An unauthenticated remote attacker could execute arbitrary code by sending specially crafted HTTP requests to the Microsoft Web server (port 80/tcp and port 443/tcp) of affected devices,” Siemens warned in its alert. The bug in the Web server software allows code injection onto the devices.

Read 4 remaining paragraphs | Comments

Posted in Health IT, hospital it, Internet of things, Tech | Comments (0)

Hacking A $1500 ‘Smart Gun’ With $15 Magnets

July 29th, 2017

I think we should stop going crazy over the smart things unless it’s secure enough to be called SMART—from a toaster, security cameras, and routers to the computers and cars—everything is hackable.

But the worst part comes in when these techs just require some cheap and easily available kinds of stuff to get compromised.

Want example? It took just cheap magnets purchased from Amazon online

Posted in hacking news, hacking smart device, hacking smart gun, Internet of things, smart device, smart gun | Comments (0)

Hackers Could Easily Take Remote Control of Your Segway Hoverboards

July 19th, 2017

If you are hoverboard rider, you should be concerned about yourself.

Thomas Kilbride, a security researcher from security firm IOActive, have discovered several critical vulnerabilities in Segway Ninebot miniPRO that could be exploited by hackers to remotely take “full control” over the hoverboard within range and leave riders out-of-control.
<!– adsense –>
Segway Ninebot miniPRO is a

Posted in Bluetooth hacking, electric scooter, Hoverboard, Internet of things, Password bypass, Segway miniPRO | Comments (0)

Remotely Exploitable Flaw Puts Millions of Internet-Connected Devices at Risk

July 18th, 2017

Security researchers have discovered a critical remotely exploitable vulnerability in an open-source software development library used by major manufacturers of the Internet-of-Thing devices that eventually left millions of devices vulnerable to hacking.

The vulnerability (CVE-2017-9765), discovered by researchers at the IoT-focused security firm Senrio, resides in the software development

Posted in buffer overflow vulnerability, gSOAP toolkit, hacking news, Internet of things, iot devices, remote code execution, smart device, software development, Vulnerability | Comments (0)