This Week in Security: Internet Peek-a-Boo and Stalkerware Burn

Internet of Peek-a-Boo

The Internet of Things (IoT) has provided wonderful conveniences in our daily lives. But IoT devices also come with a dark side that bring us one step closer to the Black Mirror universe. This week’s Internet of Terrible Things explores Internet connected baby monitors.

The team at SEC Consult uncovered a number of issues for a suite of “smart” (read: stupid Internet connected device) baby monitors that affect over 52,000 users. The vulnerabilities include weak default credentials which may lead to yet another IoT botnet similar to Mirai, and using outdated software containing known vulnerabilities.

Even worse, the researchers attempted to notify the device vendor but did not receive any response. The lack of concern or response speaks for itself when appraising how much these vendors care about your security and privacy.

The last thing you need is for an attacker to be watching you through the baby monitor when you’re caring for your young ones. We’re losing the war against IoT security but you can take some small steps to protect yourself.

Stalkerware Burn Notice

Hot on the heels of last week’s news of Retina-X’s server destruction, hacktivists have struck two additional spyware companies, Mobistealth and Spy Master Pro. These companies develop and sell mobile malware for the purposes of spying on your loved (?) ones by collecting GPS location, voice recordings, and text messages.

The unknown hacktivists delivered a cache of data exfiltrated from the spyware servers and verified as authentic by Motherboard. Smartphones are a crucial part of our daily lives and provide access to not only the vast Internet, but to all of the services we rely on such as banking and security. Mobile malware can be extremely powerful because of this access and the various features it can hijack, such (Read more...)

This is a Security Bloggers Network syndicated blog post authored by Cylance Blog. Read the original post at: Cylance Blog