Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
threatpostLindsey O'DonnellTHREATPOST:37BF5ED79AFA91D628C8CA75FA1CBA7C
HistoryFeb 27, 2020 - 2:49 p.m.

IoT Insecurity: When Your Vacuum Turns on You

2020-02-2714:49:08
Lindsey O'Donnell
threatpost.com
73
JSON

SAN FRANCISCO – Hackable Internet of Things (IoT) devices are on full display this week at the RSA Conference 2020. They include everything from baby monitors to Wi-Fi chips. One such device is a connected vacuum cleaner, the Trifo Ironpie M6. According to researchers with Checkmarx, the vacuum has several high-severity flaws that open the device to remote attacks. Those include a denial of service (DoS) attack that bricks the vacuum, to a hack that allows adversaries to peer into private homes via the vacuum’s embedded camera.

Speaking to Threatpost at RSAC was Erez Yalon with Checkmarx who warns that consumers should re-think buying smart home devices with potentially invasive cameras. He cautions, the IoT marketplace continues to have worrying security issues.

“The awareness from the user side is particularly important,” he said. “The general story here is about consumers deciding to add another camera in the house. Obviously we want more convenience. The price we pay is privacy, maybe we need to stop and think again.”

[For Threatpost’s complete RSA Conference 2020 reporting, please visit our special coverage section, available here.]

JSON