Amazon's popular Blink home security cameras come packed with more than most consumers bargain for, including a variety of attack vectors that could allow criminals to hijack cameras and Blink accounts.
Researchers at Tenable found three separate vectors of attack — one of limited practicality, one of interest primarily to researchers, and one that actually poses a risk to consumers. The first involves physical access to the device, in which case the Blink camera's design makes it very easy to connect to the device, provide hard-coded credentials, and control the device.
The second vulnerability would allow attackers to launch a man-in-the-middle attack based on the camera's request for software updates or network information. The third, and most serious, involves network parameters passed to the camera that are not properly "sanitized" before being executed.
Tenable recommends that all Blink camera users allow automatic updates so the devices are kept up to date on software patches. The researchers say that they will provide more details on how to find and recognize already compromised cameras in the near future.
For more, read here.
Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full BioMore Insights
Support the originator by clicking the read the rest link below.
