10 matches found
Smart chastity device exposes sensitive user data
A security breach or piece of inadvertent exposure can be a devastating thing, not just for the company impacted but also the people whose data is stolen or exposed to the world. The usual roll-call of "name, address, phone number and card details" is bad enough. If such things are tied to...
Understanding the Ecosystem of Smart Cities for the Purpose of Security Testing
Is there a defined ecosystem, similar to what we encountered with the Internet of Things IoT, that can be charted out as it relates to smart city technology and its security implications? While evaluating IoT I struggled with defining what IoT is. I found that there were varying definitions out...
USR IOT 4G LTE Industrial Cellular VPN Router 1.0.36 Remote Root Backdoor Exploit
The USR IOT industrial router is vulnerable to hard-coded credentials within its Linux distribution image. These sets of credentials are never exposed to the end-user and cannot be changed through any normal operation of the device. Affected versions include 1.0.36 and 1.2.7. !/usr/bin/env python...
USR IOT 4G LTE Industrial Cellular VPN Router 1.0.36 Remote Root Backdoor
Summary USR-G806 is a industrial 4G wireless LTE router which provides a solution for users to connect own device to 4G network via WiFi interface or Ethernet interface. USR-G806 adopts high performance embedded CPU which can support 580MHz working frequency and can be widely used in Smart Grid,...
The 2021 Naughty and Nice Lists: Cybersecurity Edition
Editor’s note: We had planned to publish our Hacky Holidays blog series throughout December 2021 – but then Log4Shell happened, and we dropped everything to focus on this major vulnerability that impacted the entire cybersecurity community worldwide. Now that it’s 2022, we’re feeling in need of...
Weak Password Vulnerability in 300M Giga Super High Power Wireless Router
Sapido Technology Inc is a branded technology company invested by Taiwan Steel Group exclusively for IoT IoT technology, specializing in the design and development of intelligent all-wireless security systems and hardware devices. A weak password vulnerability exists in the 300M Giga Super High...
Shenzhen Tengxu IOT Technology Co., Ltd. behavioral management system has SQL injection vulnerability
Shenzhen Tengxu IOT Technology Co., Ltd. was founded in August 2013, is a collection of commercial wireless network product research and development design, manufacturing, sales and service as one of the Internet technology companies. Shenzhen Tengfox IOT Technology Co., Ltd. behavioral managemen...
SQL Injection Vulnerability in RMP Router Management Platform of Xiamen Sihsin Communication Technology Co.
Xiamen Sihsin Communication Technology Co., Ltd. is a national high-tech enterprise, a leading enterprise of Fujian Province Science and Technology Innovation Small Giant, an Internet of Things IoT platform enterprise, an IoT technology expert, and an IoT communication equipment and solution...
SQL Injection Vulnerability in Equipment Management Platform of Shenzhen Tengxu IOT Technology Co.
Shenzhen Tengxu IOT Technology Co., Ltd. is an Internet technology company integrating R&D, design, manufacture, sales and service of commercial wireless network products. Shenzhen Tengxu IOT Technology Co., Ltd. device management platform has a SQL injection vulnerability, which can be exploited...
Challenges with Critical Infrastructure: IoT, Smart Cities Under Attack
Internet of Things technology is now more widespread than many people realize. Systems that fall under the IoT umbrella are popping up in an array of settings, even outside consumer circles. Today, every group from enterprise businesses to city governments is utilizing intelligent, internet- and...