Tag

Iot Security

All articles tagged with #iot security

cybersecurity1 month ago•10 min saved

China-Nexus Botnets Pivot to Global Covert Device Networks

Joint NCSC-UK advisory warns that China-nexus actors increasingly rely on large, dynamic networks of compromised devices—primarily SOHO routers and IoT gear—to conduct reconnaissance, malware delivery, C2, and data exfiltration, enabling operations at scale with limited attribution. Because these covert networks are constantly updated and may be shared by multiple actors, static IP blocks are less effective. Defenders should map and baseline edge devices, enable MFA for remote access, apply zero-trust and machine certificates, reduce internet-facing exposure, and use threat feeds, NetFlow, and dynamic blocklists; pursue active hunting for suspected covert-network activity, and follow Cyber Essentials plus MITRE ATT&CK-aligned defenses. Basic best practices—keep systems updated, prevent lateral movement, log events, deploy host-based IDS, and manage supply-chain risk—remain essential.

via CISA (.gov)|

#botnets #china-nexus #covert-networks

security2 months ago•7 min saved

Security Flaw Lets Remote Hackers Command Thousands of Camera-Equipped Robot Vacuums

A security vulnerability in DJI's Romo robot vacuums allowed a remote attacker to hijack about 6,700 devices across 24 countries using only their 14-digit serial numbers, granting access to live video, audio, and home floor plans. The flaw was demonstrated by Sammy Azdoufal and has been fixed by DJI, but the incident underscores ongoing privacy and security risks in internet-connected home devices.

via WIRED|

#dji-romo #iot-security #privacy

technology3 months ago•2 min saved

Hobbyist hacker unlocks data from 7,000 smart vacuums

A software engineer used an AI coding assistant to reverse‑engineer how a DJI Romo robot vacuum talks to its cloud servers, revealing a backend vulnerability that let him access live video, audio, and maps from about 7,000 connected vacuums across 24 countries; DJI said the issue was resolved after reporting, highlighting privacy risks in smart-home devices.

via The Guardian|

#cybersecurity #dji #iot-security

network-security4 months ago•2 min saved

RondoDox Botnet Exploits React2Shell Flaw to Hijack IoT Devices and Servers

Cybersecurity researchers have uncovered a nine-month campaign where the RondoDox botnet exploited the critical React2Shell vulnerability (CVE-2025-55182) to hijack IoT devices and web servers, deploying malware, cryptocurrency miners, and Mirai variants, with the threat still active as of December 2025. Organizations are urged to update vulnerable software, segment IoT devices, and enhance monitoring to prevent infection.

via The Hacker News|

#botnet #iot-security #network-security

technology9 months ago•4 min saved

NIST Launches Standard for Lightweight Cryptography in Small Devices

NIST has finalized a new lightweight cryptography standard based on Ascon algorithms to protect small, resource-constrained devices like IoT gadgets, RFID tags, and medical implants from cyberattacks, offering various options for encryption, hashing, and future expandability.

via National Institute of Standards and Technology (.gov)|

#ascon-algorithms #cybersecurity #iot-security

technology10 months ago•5 min saved

FBI Urges 10 Million Android Users to Disconnect Devices Immediately

The FBI warns that over 10 million Android devices, including IoT gadgets and smart devices, are infected with the BadBox 2.0 botnet, which is used for criminal activities. Google has taken legal action and updated protections, but users are advised to disconnect suspicious devices from their networks to prevent further harm.

via Forbes|

#android #badbox20 #botnet