All posts tagged: internet of things

Billions of Devices at Risk of Hacking Due to Hidden Commands

Billions of Devices at Risk of Hacking Due to Hidden Commands

Published by Webster

Tarlogic team giving their presentation during RootedCON. Image: Tarlogic Billions of devices worldwide rely on a widely used Bluetooth-Wi-Fi chip that contains undocumented “hidden commands.” Researchers warn these commands could be exploited to manipulate memory, impersonate devices, and bypass security controls. ESP32, manufactured by a Chinese company called Espressif, is a microcontroller that enables Bluetooth and Wi-Fi connections in numerous smart devices, including smartphones, laptops, smart locks, and medical equipment. Its popularity is partly due to its low cost, with units available for just a few dollars. Must-read security coverage Hidden Bluetooth commands and potential exploits Researchers at security firm Tarlogic discovered 29 undocumented Host Controller Interface commands within the ESP32’s Bluetooth firmware. These commands enable low-level control over some Bluetooth functions, such as reading and writing memory, modifying MAC addresses, and injecting malicious packets, according to Bleeping Computer, which attended Tarlogic’s presentation at RootedCON. SEE: Zscaler Report: Mobile, IoT, and OT Cyber Threats Surged in 2024 While these functions aren’t inherently malicious, bad actors could exploit them to stage impersonation attacks, introduce and hide …

Qualcomm, Intel, and Others Form Ambient IoT Coalition

Qualcomm, Intel, and Others Form Ambient IoT Coalition

Published by Webster

Organizations including Qualcomm and Wiliot have announced the formation of the Ambient IoT Alliance, a multi-standard ecosystem of ambient IoT manufacturers, suppliers, integrators, operators, users, and customers. Ambient IoT is an ecosystem for devices that draw energy from ambient radio waves, light, motion, heat, or any other widely available, pervasive source. Bluetooth, 5G Advanced, and 802.11bp could help support this class of devices, which offers high scalability and, potentially, lower costs than non-ambient versions, the alliance said. The term ambient IoT could apply to a wide variety of  “battery-less things,” such as sensors for location, temperature, and humidity. In the press release, the Ambient IoT Alliance said their ecosystem is not meant to replace any other standardization activities; instead, the group will promote ambient IoT and contribute documentation, support, and use cases to standardization efforts where appropriate. Must-read IoT coverage Who are the founding members of the Ambient IoT Alliance? Founding members of the Ambient IoT Alliance include: Atmosic. Infineon Technologies AG. Intel. PepsiCo. Qualcomm. VusionGroup. Wiliot. The group’s founders hope businesses, telcos, technology vendors, …

US to Launch Cyber Trust Mark to Label Secure Smart Devices

US to Launch Cyber Trust Mark to Label Secure Smart Devices

Published by Webster

The U.S. government is set to introduce a seal of approval to help consumers identify secure internet-connected devices, the White House announced in a press release on Jan. 7. The U.S. Cyber Trust Mark will certify devices that meet certain security standards. Following the initiative’s first announcement in July 2023, the Federal Communications Commission provided details on Tuesday about how companies can submit their products for approval under the new label. The label applies to consumer devices only rather than connected devices intended for “manufacturing, industrial control or enterprise applications.” “We see great potential in the US Cyber Trust Mark Program,” said Michael Dolan, senior director and head of enterprise privacy and data protection at Best Buy, in the press release. “It is a positive step forward for consumers and we are excited about the opportunity to highlight this program for our customers.” The news comes as cyberattacks are increasingly plaguing companies and governments worldwide. In 2024, the Justice Department disrupted a cyberattack that had targeted consumer routers and connected cameras. SEE: Cybersecurity professionals struggle …

China’s SMIC Ramps Up Production of Decade-Old 28nm Chips, US Lawmakers Raise Concerns

Published by Webster

China’s largest chip maker SMIC is ramping up production of a decade-old chip technology, key to many industries’ supply chains, setting off alarm bells in the United States and prompting some lawmakers to try to stop them. The United States and allied nations could further step up restrictions if China announces a $144 billion support package for its chip industry, as Reuters exclusively reported on Tuesday, said TechInsights’ chip economist Dan Hutcheson. Starting with the Trump administration, the United States has been tightening the noose around China’s high-tech ambitions. It cut off the world’s largest telecommunications firm Huawei Technologies from the US market and technologies, as well as cut off air supply to China’s advanced chip making through a series of rules this year. But why worry about older chip technology? China, which in 2020 had 9 percent of the global chip market, has a track record of dominating key technologies by flooding the market with cheaper products and wiping out global competition, say China watchers. They did it with solar panels and 5G telecom …