Friday, February 26, 2021
  • Sete práticas de segurança cibernética que toda organização deveria implementar
  • Evolução da cibersegurança: Uma breve linha do tempo
  • Um dia na vida de um analista SOC
  • Google to Underwrite Contributors to Linux Security
  • Infrastructure Hygiene: Fixing Vulnerabilities

Security Boulevard

The Home of the Security Bloggers Network

Community Chats Webinars Library
  • Home
    • Cybersecurity News
    • Features
    • Industry Spotlight
    • News Releases
  • Security Bloggers Network
    • Latest Posts
    • Contributors
    • Syndicate Your Blog
    • Write for Security Boulevard
  • Webinars
    • Upcoming
    • On-Demand
  • Chat
    • Security Boulevard Chat
    • Marketing InSecurity Podcast
  • Library
  • Related Sites
    • MediaOps Inc.
    • DevOps.com
    • Container Journal
    • Digital Anarchist
    • SweetCode.io
  • Media Kit

  • Analytics
  • AppSec
  • CISO
  • Cloud
  • DevOps
  • GRC
  • Identity
  • Incident Response
  • IoT / ICS
  • Threats / Breaches
  • More
    • Blockchain / Digital Currencies
    • Careers
    • Cyberlaw
    • Mobile
    • Social Engineering
  • Humor
Careers Security Awareness Security Bloggers Network 

Home » Cybersecurity » Careers » The Risk of Credential Stuffing to the Smart Home

The Risk of Credential Stuffing to the Smart Home

by Tripwire Guest Authors on April 10, 2019

As technology advances and the costs of connecting electronic components to the internet decreases, the lower the cost of having an internet connected smart home is. Sensors placed throughout a house and integrated into home appliances can provide homeowners the advantages of monitoring and managing functions of the home remotely.

According to Rehman & Manickam (2016), there are three components of a smart home: indoor, outdoor and gateway. The indoor environment consists of physical internet connected devices such as smart locks, video doorbells, intelligent appliances, Wi-Fi thermostats, etc. The outdoor environment provides internet access to the smart service provider for remote access and management of the devices, while gateway devices act as a bridge between the indoor and outdoor environments. The gateway devices provide security by monitoring the network flow in the smart home and managing remote access to the smart home. Given their roles described above, these three types of components need to be taken into consideration when evaluating the inherent risks of a smart home.

Identifying Today’s Risks Facing Smart Homes

In today’s world, there are six major security threats to a smart home: eavesdropping, replay attack, message notification, denial of service, malicious codes and masquerading (Rehman & Manickam, 2016). Let’s briefly look at how each of these attacks works:

  • An example of eavesdropping is when an attacker monitors internet traffic from indoor and outdoor environments without authorization from users. Data that passes through the network while the attacker is eavesdropping can be captured. This is considered an attack on the confidentiality of the smart home environment.
  • Replay attacks can be leveraged by an attacker in instances where they can capture an action being performed on a smart home device and then replay that action over again to get the same result. There are many ways a replay (Read more...)

*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Tripwire Guest Authors. Read the original post at: https://www.tripwire.com/state-of-security/security-awareness/risk-credential-stuffing-smart-home/

April 10, 2019April 10, 2019 Tripwire Guest Authors credential stuffing, Security Awareness, smart home
  • ← How to Build an Effective ICS Security Program
  • Survey: Cybersecurity Crowdsourcing Achieves Acceptance →

TechStrong TV – Live

Watch latest episodes and shows

Subscribe to our Newsletters

Get breaking news, free eBooks and upcoming events delivered to your inbox.
  • View Security Boulevard Privacy Policy

Most Read on the Boulevard

Think Macs Don’t Get Malware? Think Again.
How to Secure Your Cloud Investment
Mitigating Third-Party Supply Chain Breaches
What’s Scarier Than the SolarWinds Breach?
Sysdig Donates Module to CNCF to Improve Linux Security
Surge in ZLoader Attacks Observed
From Zero to Zero Trust: Five Tips to Simplify Your Journey
Ransomware Attacks Remain Persistent and Pervasive
Industrial Cybersecurity and the Florida Water Supply Attack with Dale Peterson
CipherCloud Chronicles 9: Docs Journey-Reassuring Data Classification with CipherCloud

Upcoming Webinars

Mar 09

Zero Trust Journey – A Security Leader’s Story

March 9 @ 11:00 am - 12:00 pm
Mar 15

Don’t Get Attached to Your Attachment!

March 15 @ 9:00 am - 10:00 am
Mar 15

Managing Security in a Decentralized World

March 15 @ 1:00 pm - 2:00 pm
Mar 17

API Security: Everything You Need to Know To Protect Your APIs

March 17 @ 1:00 pm - 2:00 pm
Mar 22

The Main Application Security Technologies to Adopt in 2021

March 22 @ 1:00 pm - 2:00 pm

More Webinars

Download Free eBook

Managing the AppSec Toolstack

Recent Security Boulevard Chats

  • Cloud, DevSecOps and Network Security, All Together?
  • Security-as-Code with Tim Jefferson, Barracuda Networks
  • ASRTM with Rohit Sethi, Security Compass
  • Deception: Art or Science, Ofer Israeli, Illusive Networks
  • Tips to Secure IoT and Connected Systems w/ DigiCert

Industry Spotlight

XDR: Next-Level Prevention and Detection
Analytics & Intelligence Cybersecurity Endpoint Incident Response Industry Spotlight Security Boulevard (Original) 

XDR: Next-Level Prevention and Detection

February 25, 2021 Eyal Gruner | Yesterday 0
Breach Clarity Data Breach Report: Week of Feb. 22
Cloud Security Cybersecurity Data Security Endpoint Governance, Risk & Compliance Industry Spotlight Security Boulevard (Original) Threats & Breaches 

Breach Clarity Data Breach Report: Week of Feb. 22

February 24, 2021 Kyle Marchini | 2 days ago 0
What’s Scarier Than the SolarWinds Breach?
Cloud Security Cybersecurity Data Security Industry Spotlight Network Security Security Awareness Security Boulevard (Original) Threats & Breaches 

What’s Scarier Than the SolarWinds Breach?

February 23, 2021 Yuval Elddad | 3 days ago 0

Top Stories

‘Dangerous’ RCE in VMware: Patch, or the Puppy Gets It
Analytics & Intelligence Application Security Cloud Security Cybersecurity Data Security DevOps Featured Identity & Access Incident Response Network Security News Security Boulevard (Original) Spotlight Threat Intelligence Threats & Breaches Vulnerabilities 

‘Dangerous’ RCE in VMware: Patch, or the Puppy Gets It

February 26, 2021 Richi Jennings | 6 hours ago 0
Think Macs Don’t Get Malware? Think Again.
Analytics & Intelligence Cloud Security Cybersecurity Endpoint Featured Incident Response Malware News Security Boulevard (Original) Social Engineering Spotlight Threat Intelligence Threats & Breaches Vulnerabilities 

Think Macs Don’t Get Malware? Think Again.

February 22, 2021 Richi Jennings | 4 days ago 0
SolarWinds Hack: ‘All is Well,’ Microsoft Shrugs
Analytics & Intelligence Application Security Cloud Security Cybersecurity Data Security Featured Governance, Risk & Compliance Identity & Access Incident Response Malware Network Security News Security Boulevard (Original) Spotlight Threat Intelligence Threats & Breaches Vulnerabilities 

SolarWinds Hack: ‘All is Well,’ Microsoft Shrugs

February 19, 2021 Richi Jennings | Feb 19 0

Security Humor

via     the comic delivery system monikered   Randall Munroe   resident at   XKCD  !

XKCD ‘Exposure Models’

Join the Community

  • Add your blog to Security Bloggers Network
  • Write for Security Boulevard
  • Bloggers Meetup and Awards
  • Ask a Question
  • Email: info@securityboulevard.com

Useful Links

  • About
  • Media Kit
  • Sponsors Info
  • Copyright
  • TOS
  • Privacy Policy
  • DMCA Compliance Statement

Other Mediaops Sites

  • Container Journal
  • DevOps.com
  • DevOps Connect
  • DevOps Institute
Copyright © 2021 MediaOps Inc. All rights reserved.
Our website uses cookies. By continuing to browse the website you are agreeing to our use of cookies. For more information on how we use cookies and how you can disable them, please read our Privacy Policy.