News & Events

What You Need to Know: The Top Product Cybersecurity News This Week

Karamba Security | November 7th, 2019
green mountains

A look at some of the top stories this week in the world of automotive, IoT, Industry 4.0, and Enterprise Edge product cybersecurity.

How to Hack Alexa with a Laser Pointer (New York Times)

lasers

We all know laser pointers can hijack a house cat’s attention - but it turns out they can do much more. Researchers in Japan and at the University of Michigan reveal how they can seize control of Google Home, Amazon’s Alexa, or Apple’s Siri, by aiming a laser pointer - and even a simple flashlight - at the devices’ microphones from hundreds of feet away. Researchers said once inside they could then hack any digital smart systems attached to the voice-controlled assistants.

Amazon Ring Doorbells Exposed Home Wi-Fi Passwords to Hackers (Tech Crunch)

wifi

Researchers say doorbells send owner’s Wi-Fi password in clear text over the internet, which allows nearby hackers to intercept it and gain access to the network, where they can launch larger attacks or carry out surveillance.

Attackers Exploit Flaws in Cisco Firewalls to Carry Out the First-Ever Hack on a Renewable Energy Provider (Security Affairs)

cisco logo

Utah-based sPower says the attack did not affect any of their critical control systems or power generation, but according to CyberScoop, operators at sPower were unable to communicate with a dozen generation sites for five minute intervals over the course of several hours. Attackers also carried out DoS attacks, causing target devices and websites to crash.

BlueKeep Remote Code Execution Vulnerability Being Exploited for Crypto Mining (Bleeping Computer)

crypto

Researchers say honeypots have recorded exploits of BlueKeep (CVE-2019-0708), which can spread malware across connected systems without user intervention. Windows released a patch in May, but there is still an unknown number of users who have not updated.

Carmakers and Repair Shops Clash over Crash-Prevention Technology (Auto Blog)

wifi

Due to the sophistication of the systems, many automakers say only parts and repairs from their authorized dealers can ensure safety, drawing fire from independent repair shops and suppliers who say they are being locked out.

New Variant of IoT Malware Targets Small Business and Home (Mashviral)

routers

New version of Gafgyt malware targets Huawei, Realtek, and Zyxel routers, and hijacks them to form botnet armies for DoS attacks.

Thousands of QNAP NAS Devices Fall Victim to New Malware (Security Affairs)

green code

“QSnatch” malware has reportedly hit over 7,000 devices in Germany alone. Once inside a vulnerable device, the malware injects malicious code to gain reboot persistence.

Read more

Want to learn more?

Contact Us
Loc

USA

41000 Woodward Ave
Building East, Suite 350
Bloomfield Hills, MI 48304
Tel: +1 248-574-5171

Loc

Israel

24 HaNagar Street
Hod Hasharon
45277-13
Tel: +972 9 88 66 113

Loc

Germany

Wasserburger
Landstr. 264, Munich
81827
Tel: +49 151 1471 6088