[ad_1]
Cybersecurity researchers said Tuesday they discovered a flaw that exposed live video data and audio from millions of internet-connected devices to hackers.
The vulnerability affects more than 83 million devices using it single outTin network, according to cybersecurity firm FireEye’s mandiant division. single out It is a technology company established in Taiwan and serving internet of things (IoT) devices and developing software.
“This vulnerability, discovered by researchers, mandiantIn late 2020, Red Team will allow competitors to remotely hijack victims’ IoT devices, resulting in the ability to listen to live audio, monitor real-time video data, and compromise device credentials for further attacks based on exposed device functionality.” mandiant said in a statement. “These additional attacks may include actions that would allow an enemy to remotely control affected devices.”
mandiant It said it coordinated with the federal Agency for Cybersecurity and Infrastructure Security (CISA), which did not immediately respond to requests for comment. In June, CISA issued an advisory alert regarding a vulnerability. single out software that can disclose sensitive information to hackers.
The most recently discovered software vulnerability differs from the previous discovery as follows: mandiant He said the flaw he uncovered allowed cyberattackers to communicate with devices remotely.
It remains unclear exactly which devices are affected. mandiant said it could not develop a comprehensive list of vulnerable devices, but single out‘s website states that more than 83 million devices use Tin and 1.1 billion connections are made per month on the platform.
According to this single outProducts that the Tin platform supports for its smart home offerings include security cameras such as those used for baby monitors, video door phones, home appliances, smart locks, smart robots, personal cloud storage devices, and more. The company’s website said its home video surveillance products support Amazon Alexa and Google Home Assistant.
To take advantage of the problem, mandiant He said a hacker would need extensive knowledge of the Tin protocol and obtain Tin unique identifiers stored on individual devices that hackers can access by manipulating one or finding other flaws in products.
single out did not respond to a request for comment. mandiant Said it worked for both single out and to disclose the CISA vulnerability.
He stated that the cybersecurity company FireEye’s partnership with the federal government heralds how future issues will be made public. mandiant It participates in the Joint Cyber Defense Cooperation established by CISA to connect law enforcement and national security communities with private technology companies to combat hackers.
mandiant listed the researchers responsible for discovering the vulnerability single outproduct of Erik Barzdukas, Dillon Franke and Jake Valletta.
[ad_2]
Source link