Cyber Security has become a requirement

Not only to protect commerce financially, but also legally...

you are a target

everyone is a victim

demand is growing

it can not be met

figures show

astonishing trends

Right now businesses are being pressured more and more to invest in additional security services in the attempt to keep up with evolving dangers. The consequences of not being prepared are/will be catastrophic for companies and their customers. In the process of deciding how to establish and operate a business, many business owners of varying power and influence hardly take into consideration the guaranteed attack on their information technology investments. If leadership does not lead by example, department managers will be uneasy about delegating to subordinates the required implementation of common sense computing safeguards.

this is JUST THE BEGINNING

the world and almost all technology is connected

With so many people on the planet having access to technology. With so many governments and markets being co-dependent on each other; the negative consequences of computer systems having control over civilization is endangering not only personal identities or payment transactions, but also national infrastructure safety and environmental integrity.

A Human Rights concern

cyber criminals and spies preying on the innocent

Illegal actions against individuals and companies are not only carried out by criminal cells, but also state-sponsored agencies and their non-governmental contracted propagators. Legitimate business operations are being affected by such revelations; this means profits will continue to be hampered if economic activity isn't left alone by the misuse of information technology systems.

Recent Posts

July 20

Singapore Medical Breach Affects 1.5mn, PM

The breach affected SingHealth, Singapore's biggest network of healthcare facilities. Data obtained in the breach includes names, addresses, gender, race, date of birth and patients’ national identification numbers. Read More...

July 19

Smart Vacuum Flaws Let Hackers Spy on Users

Security researchers from Positive Technologies have released public details on two vulnerabilities affecting Dongguan Diqee 360 smart vacuum cleaners. This is the second time bugs in a smart vacuum firmware have been found. Read More...

July 18

IICSA Find for Child Sex Abuse Data Reveal

The Independent Inquiry into Child Sexual Abuse (IICSA) has been fined £200,000 by the Information Commissioner's Office (ICO) after sending a bulk email that identified possible victims of non-recent child sexual abuse. Read More...

July 17

Voting Machines Installed w/ Remote-Access

The nation's top voting machine maker has admitted in a letter to a federal lawmaker that the company installed remote-access software on election-management systems it sold over a period of six years. Read More...

July 16

U.S. Senators: Investigate Smart TV Privacy

Senators asked the Federal Trade Commission (FTC) to investigate the privacy policies and practices of smart TV manufacturers. Recent reports suggest smart TVs can identify political affiliations based on watching media outlets. Read More...

Spotlight

The Case of a Hacked Baby Monitor


Some time ago, a case about a hacked baby monitor made the news in the U.S. A mother claimed someone had taken control over the device and surveilled her baby. SEC Consult investigated the issue at a technical level.

Like most consumer grade surveillance products this device has a "P2P cloud" feature that is enabled by default. The device connects to a cloud server infrastructure and keeps this connection up. All supported smartphone and desktop apps can connect to the device via the cloud. From a usability perspective this makes it easier for users to interact with the product, since the user does not have to be in the same network (e.g. the same Wi-Fi network) to be able to connect to the device. Additionally, no firewall rules, port forwarding rules or DDNS setup are required on the router. However, this approach has several security implications.

By: Stefan Viehböck and Thomas Weber —

SEC Consult Vulnerability Lab