Forescout Research Labs and JSOF researchers have discovered nine security flaws in four commonly used TCP/IP stacks that make 100+ million devices vulnerable to attack. The set of flaws, dubbed Name:Wreck, mainly impact Internet of Things (IoT) products and IT management servers. The TCP/IP stacks that integrate network communication protocols to connect devices and the Internet are found in operating systems such as the open-source FreeBSD and Siemens’ Nucleus NET. An attacker could crash a device, take it offline or gain control of it. Continue reading Millions of IoT Devices Open to Attack Due to Security Flaws

In July, security firm Forescout discovered that DTEN touchscreen smart TVs, one of video conference service Zoom’s “certified hardware providers,” can be hacked to allow evildoers to bug conference rooms and capture video feeds and whiteboard notes. A two-week study of the DTEN D5 and D7 connected displays revealed five bugs, three of which have been patched but two of which remain. After Forescout disclosed the flaws to DTEN, it decided to go public to raise awareness of the security threat. Continue reading Multiple Bugs Made Zoom Hardware Susceptible to Hackers