On the security of IoT devices

According to Cisco’s Annual Internet Report, nearly two-thirds of the global population will have Internet access by 2023. The number of devices connected to IP networks will be more than three times the number of people in the world. The consumer segment will have a nearly three-fourths share of total devices and connections. Moreover, IoT devices will account for 50 percent of all networked devices, and about a third will be wireless.
On the other hand, there has been a rise in the number of people working remotely due to the global pandemic during the last years. Because of this, the security of a company’s network can also depend on the security of the home network of its employees. However, home networks are far from hardened, and most consumer internet-connected devices have a reputation for being vulnerable.
After reflecting on these observations, Faraday’s research team has embarked on a new mission to find and report security vulnerabilities in IoT devices. We invite you to read the first in a series of posts that will discuss the vulnerabilities we find and the techniques and lessons learned along the way: Bypassing password protection and getting a shell through UART in NEC Aterm WR8165N Wi-Fi router. We opted to share our insights since it’s in our best interest to boost the knowledge of the community about these devices’ inner workings to facilitate vulnerability discovery and, in consequence, make this ecosystem more secure.
Check out the first part👇
Sources:
Are you interested in our products? Check out our free version, right here. ⚡🚀
Related Posts
August 11, 2022
New research findings from Faraday goes to DEF CON
Pentesters use a comprehensive and complete toolkit to expose different platforms and evaluate the security of an IT infrastructure. They…
August 1, 2022
Cybersecurity is a secondary objective, and that’s what we’ve been getting wrong.
A programmer is close to a deadline and must work fast. For this one time, they choose to skip certain security protocols. They promise not…
July 29, 2022
Continuous testing, continuous security
We have a very diverse team with strengths in different areas of cybersecurity. We usually work with international companies, which allows…
Hi there! You are probably here because you listened to our talk at Nerdearla 2021 and want to continue learning.
But if you missed the talk and you are curious about reverse engineering and game hacking, then this is for you too.