Cyber Security has become a requirement

Not only to protect commerce financially, but also legally...

you are a target

everyone is a victim

demand is growing

it can not be met

figures show

astonishing trends

Right now businesses are being pressured more and more to invest in additional security services in the attempt to keep up with evolving dangers. The consequences of not being prepared are/will be catastrophic for companies and their customers. In the process of deciding how to establish and operate a business, many business owners of varying power and influence hardly take into consideration the guaranteed attack on their information technology investments. If leadership does not lead by example, department managers will be uneasy about delegating to subordinates the required implementation of common sense computing safeguards.

this is JUST THE BEGINNING

the world and almost all technology is connected

With so many people on the planet having access to technology. With so many governments and markets being co-dependent on each other; the negative consequences of computer systems having control over civilization is endangering not only personal identities or payment transactions, but also national infrastructure safety and environmental integrity.

A Human Rights concern

cyber criminals and spies preying on the innocent

Illegal actions against individuals and companies are not only carried out by criminal cells, but also state-sponsored agencies and their non-governmental contracted propagators. Legitimate business operations are being affected by such revelations; this means profits will continue to be hampered if economic activity isn't left alone by the misuse of information technology systems.

Recent Posts

June 22

Algeria Blocks Internet to Stop Exam Cheats

As solutions go, it is certainly radical: in order to thwart a mass epidemic of cheating by students taking their school leaving exams, Algeria shut down the internet for up to three hours a day this week — for everyone. Read More...

June 21

Liberty Hack the "Biggest Breach Yet" for SA

Millions of South Africans woke up not to the afterglow of another stunning come-from-behind victory by the revitalized Springboks but to the news that their personal data may have been hacked — again. Read More...

June 20

Bithumb Hacked; Coins Worth $32m Stolen

Bithumb holds cryptocurrencies worth 6.36 trillion won, including coins worth 416 billion won of its own, as of the end of 2017, it said in an audit report released in April. Read More...

June 19

Cancer Center Must Pay $4.3m Breach Fine

The breaches in question were the theft of an unencrypted laptop computer from the home of an MD Anderson employee and the loss of two unencrypted USB thumb drives, which contained protected health data of patients. Read More...

June 18

Andhra Pradesh Tracked, Exposed Med Buys

An unsecured dashboard on the Anna Sanjivini website allowed anyone with an internet connection to access the names and phone numbers of everyone who has bought medicines from every single such store. Read More...

Spotlight

The Case of a Hacked Baby Monitor


Some time ago, a case about a hacked baby monitor made the news in the U.S. A mother claimed someone had taken control over the device and surveilled her baby. SEC Consult investigated the issue at a technical level.

Like most consumer grade surveillance products this device has a "P2P cloud" feature that is enabled by default. The device connects to a cloud server infrastructure and keeps this connection up. All supported smartphone and desktop apps can connect to the device via the cloud. From a usability perspective this makes it easier for users to interact with the product, since the user does not have to be in the same network (e.g. the same Wi-Fi network) to be able to connect to the device. Additionally, no firewall rules, port forwarding rules or DDNS setup are required on the router. However, this approach has several security implications.

By: Stefan Viehböck and Thomas Weber —

SEC Consult Vulnerability Lab