Recep
@recepsec.bsky.social
The first-ever smart thermostat ransomware vulnerability was demonstrated in 2016: smart thermostat with an SD card slot for custom settings/wallpapers lacked file-type verification when executing files from the SD card. Attackers could disguise malware as benign files.
www.vice.com/en/article/i...
www.vice.com/en/article/i...
March 19, 2025 at 12:47 PM
The first-ever smart thermostat ransomware vulnerability was demonstrated in 2016: smart thermostat with an SD card slot for custom settings/wallpapers lacked file-type verification when executing files from the SD card. Attackers could disguise malware as benign files.
www.vice.com/en/article/i...
www.vice.com/en/article/i...
Old but gold :)
Impact:Remote account takeover of LG SmartThinQ appliances (e.g., refrigerators, ovens, vacuums) and spying via compromised devices.
Root: Flawed authentication logic in the SmartThinQ app/API, allowing attackers to bypass login.
thehackernews.com/2017/10/smar...
#IoT #cybersecurity
Impact:Remote account takeover of LG SmartThinQ appliances (e.g., refrigerators, ovens, vacuums) and spying via compromised devices.
Root: Flawed authentication logic in the SmartThinQ app/API, allowing attackers to bypass login.
thehackernews.com/2017/10/smar...
#IoT #cybersecurity
Hackers Could Turn LG Smart Appliances Into Remote-Controlled Spy Robot
Login bypass vulnerability in LG smart home appliance app could allow remote hackers to take control of your IoT devices and spy on your home.
thehackernews.com
March 19, 2025 at 12:44 PM
Old but gold :)
Impact:Remote account takeover of LG SmartThinQ appliances (e.g., refrigerators, ovens, vacuums) and spying via compromised devices.
Root: Flawed authentication logic in the SmartThinQ app/API, allowing attackers to bypass login.
thehackernews.com/2017/10/smar...
#IoT #cybersecurity
Impact:Remote account takeover of LG SmartThinQ appliances (e.g., refrigerators, ovens, vacuums) and spying via compromised devices.
Root: Flawed authentication logic in the SmartThinQ app/API, allowing attackers to bypass login.
thehackernews.com/2017/10/smar...
#IoT #cybersecurity
The blog details a vulnerability in Google Home devices that allows unauthorized access and control through a local network attack.
Amazing work.
downrightnifty.me/blog/2022/12...
#IoT #Cybersecurity
Amazing work.
downrightnifty.me/blog/2022/12...
#IoT #Cybersecurity
Turning Google smart speakers into wiretaps for $100k
I was recently rewarded a total of $107,500 by Google for responsibly disclosing security issues in the Google Home smart speaker that allowed an attacker within wireless proximity to install a "backd...
downrightnifty.me
March 19, 2025 at 12:39 PM
The blog details a vulnerability in Google Home devices that allows unauthorized access and control through a local network attack.
Amazing work.
downrightnifty.me/blog/2022/12...
#IoT #Cybersecurity
Amazing work.
downrightnifty.me/blog/2022/12...
#IoT #Cybersecurity
AIoT framework called MSF-Net for WiFi-based human activity recognition. Unlike typical IoT systems, MSF-Net enables local data acquisition and real-time decision-making. The research aims to improve smart home applications.
ieeexplore.ieee.org/stamp/stamp....
ieeexplore.ieee.org/stamp/stamp....
March 19, 2025 at 12:33 PM
AIoT framework called MSF-Net for WiFi-based human activity recognition. Unlike typical IoT systems, MSF-Net enables local data acquisition and real-time decision-making. The research aims to improve smart home applications.
ieeexplore.ieee.org/stamp/stamp....
ieeexplore.ieee.org/stamp/stamp....
Light Ears: Information Leakage via Smart Lights
Attacks exploit smart lights' infrared for data exfiltration and multimedia visualization for media inference, lacking proper access control.
What do we know about IoT cybersecurity?
arxiv.org/pdf/1808.07814
Attacks exploit smart lights' infrared for data exfiltration and multimedia visualization for media inference, lacking proper access control.
What do we know about IoT cybersecurity?
arxiv.org/pdf/1808.07814
March 19, 2025 at 12:28 PM
Light Ears: Information Leakage via Smart Lights
Attacks exploit smart lights' infrared for data exfiltration and multimedia visualization for media inference, lacking proper access control.
What do we know about IoT cybersecurity?
arxiv.org/pdf/1808.07814
Attacks exploit smart lights' infrared for data exfiltration and multimedia visualization for media inference, lacking proper access control.
What do we know about IoT cybersecurity?
arxiv.org/pdf/1808.07814
Vienna State Opera is something else.
March 16, 2025 at 2:36 PM
Vienna State Opera is something else.
I recently read the Venture Security blog: 10 Commandments of Commercial Security.
Adi Shamir—one of the minds behind RSA encryption—shared 10 timeless principles for building secure systems. Nearly 30 years later, they remain just as relevant.
ventureinsecurity.net/p/10-princip...
Adi Shamir—one of the minds behind RSA encryption—shared 10 timeless principles for building secure systems. Nearly 30 years later, they remain just as relevant.
ventureinsecurity.net/p/10-princip...
March 11, 2025 at 7:10 PM
I recently read the Venture Security blog: 10 Commandments of Commercial Security.
Adi Shamir—one of the minds behind RSA encryption—shared 10 timeless principles for building secure systems. Nearly 30 years later, they remain just as relevant.
ventureinsecurity.net/p/10-princip...
Adi Shamir—one of the minds behind RSA encryption—shared 10 timeless principles for building secure systems. Nearly 30 years later, they remain just as relevant.
ventureinsecurity.net/p/10-princip...
The New Hub for Spyware Startups?
Barcelona has become a major hub for cybercriminals due to its low cost compared to other tech hubs, and after the NSO scandal, Israeli hackers have also shifted their operations to the city, TechCrunch’s Cybersecurity Writer Lorenzo Franceschi-Bicchierai said.
Barcelona has become a major hub for cybercriminals due to its low cost compared to other tech hubs, and after the NSO scandal, Israeli hackers have also shifted their operations to the city, TechCrunch’s Cybersecurity Writer Lorenzo Franceschi-Bicchierai said.
March 11, 2025 at 7:09 PM
The New Hub for Spyware Startups?
Barcelona has become a major hub for cybercriminals due to its low cost compared to other tech hubs, and after the NSO scandal, Israeli hackers have also shifted their operations to the city, TechCrunch’s Cybersecurity Writer Lorenzo Franceschi-Bicchierai said.
Barcelona has become a major hub for cybercriminals due to its low cost compared to other tech hubs, and after the NSO scandal, Israeli hackers have also shifted their operations to the city, TechCrunch’s Cybersecurity Writer Lorenzo Franceschi-Bicchierai said.
Aviation is no longer just about aircraft and pilots—it’s a complex cyber-physical system heavily reliant on digital infrastructure. I recently had a chance to take a look at the book "Aviation Cybersecurity: Foundations, Principles, and Applications".
March 11, 2025 at 7:07 PM
Aviation is no longer just about aircraft and pilots—it’s a complex cyber-physical system heavily reliant on digital infrastructure. I recently had a chance to take a look at the book "Aviation Cybersecurity: Foundations, Principles, and Applications".
82% of respondents lack confidence that IoT devices protect user privacy and data. WWF’s State of the Connected World 2023 Edition says transparency is key: tell users what data is collected, who gets it, and what it could mean.
March 11, 2025 at 7:03 PM
82% of respondents lack confidence that IoT devices protect user privacy and data. WWF’s State of the Connected World 2023 Edition says transparency is key: tell users what data is collected, who gets it, and what it could mean.
Are we aware of Internet of Things (IoT) security?
I am playing around with IoT devices and recently found a great resource to build in my VirtualBox, AttifyOS. It is a distro for the penetration testing of IoT devices.
I am playing around with IoT devices and recently found a great resource to build in my VirtualBox, AttifyOS. It is a distro for the penetration testing of IoT devices.
March 11, 2025 at 7:02 PM
Are we aware of Internet of Things (IoT) security?
I am playing around with IoT devices and recently found a great resource to build in my VirtualBox, AttifyOS. It is a distro for the penetration testing of IoT devices.
I am playing around with IoT devices and recently found a great resource to build in my VirtualBox, AttifyOS. It is a distro for the penetration testing of IoT devices.
Ahahahahha, work/life balance is broken crypto guys!!
February 13, 2025 at 10:30 AM
Ahahahahha, work/life balance is broken crypto guys!!
One of the very important thing when you start to invest something:
February 6, 2025 at 2:03 PM
One of the very important thing when you start to invest something:
If you are interested in ETF investing, could be good for you to check it out.
corporate.vanguard.com/content/corp...
corporate.vanguard.com/content/corp...
Announcing the largest fee cut in Vanguard history
Effective February 1, 2025, the company has lowered the expense ratios of 168 share classes across 87 funds.
corporate.vanguard.com
February 4, 2025 at 11:01 AM
If you are interested in ETF investing, could be good for you to check it out.
corporate.vanguard.com/content/corp...
corporate.vanguard.com/content/corp...
Recently tried, great tool to help you with ethical hacking, social engineering, discovery, DDoS and more.
YouTube Video: https:// www.youtube.com/watch?v=zgdq...
github.com/4lbH4cker/AL...
YouTube Video: https:// www.youtube.com/watch?v=zgdq...
github.com/4lbH4cker/AL...
GitHub - 4lbH4cker/ALHacking: Albanian Hacking Tool!! Tools to help you with ethical hacking, Social media hack, phone info, Gmail attack, phone number attack, user discovery, Anonymous-sms, Webcam Ha...
Albanian Hacking Tool!! Tools to help you with ethical hacking, Social media hack, phone info, Gmail attack, phone number attack, user discovery, Anonymous-sms, Webcam Hack • Powerful DDOS attack ...
github.com
February 3, 2025 at 3:35 PM
Recently tried, great tool to help you with ethical hacking, social engineering, discovery, DDoS and more.
YouTube Video: https:// www.youtube.com/watch?v=zgdq...
github.com/4lbH4cker/AL...
YouTube Video: https:// www.youtube.com/watch?v=zgdq...
github.com/4lbH4cker/AL...
Another cyber warfare case we got:
Chinese hackers infiltrated the US Treasury Department's system by using a vulnerability in the cloud service of a service provider called "BeyondTrust".
www.techspot.com/news/106153-...
Chinese hackers infiltrated the US Treasury Department's system by using a vulnerability in the cloud service of a service provider called "BeyondTrust".
www.techspot.com/news/106153-...
Major cybersecurity breach hits US Treasury, linked to Chinese hackers
The breach, which occurred in early December 2024, exploited a vulnerability in BeyondTrust's remote support product. According to a letter the department sent to lawmakers that was...
www.techspot.com
February 3, 2025 at 3:34 PM
Another cyber warfare case we got:
Chinese hackers infiltrated the US Treasury Department's system by using a vulnerability in the cloud service of a service provider called "BeyondTrust".
www.techspot.com/news/106153-...
Chinese hackers infiltrated the US Treasury Department's system by using a vulnerability in the cloud service of a service provider called "BeyondTrust".
www.techspot.com/news/106153-...
Here is how you invest the future:
February 3, 2025 at 3:34 PM
Here is how you invest the future:
AI can process data, but it can’t fully understand context (for now). Humans can make complex social and emotional inferences by making intuitive decisions.
-A psychologist can sense a client’s trauma from nonverbal cues.
-A diplomat can read hidden threats from body language.
-A psychologist can sense a client’s trauma from nonverbal cues.
-A diplomat can read hidden threats from body language.
February 3, 2025 at 3:33 PM
AI can process data, but it can’t fully understand context (for now). Humans can make complex social and emotional inferences by making intuitive decisions.
-A psychologist can sense a client’s trauma from nonverbal cues.
-A diplomat can read hidden threats from body language.
-A psychologist can sense a client’s trauma from nonverbal cues.
-A diplomat can read hidden threats from body language.
AI can analyze data, but it cannot develop new and original ideas (for now). For example, Fleming's discovery of penicillin. He noticed that molds formed in a bacterial culture and killed the bacteria around them. He named the substance produced by this mold penicillin.
February 3, 2025 at 3:33 PM
AI can analyze data, but it cannot develop new and original ideas (for now). For example, Fleming's discovery of penicillin. He noticed that molds formed in a bacterial culture and killed the bacteria around them. He named the substance produced by this mold penicillin.
Recently I read, very much correct from J. Bezos:
"Stress primarily comes from not taking action over something that you can have some control over. So if some particular thing is causing me to have stress, that is a warning flag. "
"Stress primarily comes from not taking action over something that you can have some control over. So if some particular thing is causing me to have stress, that is a warning flag. "
February 3, 2025 at 3:33 PM
Recently I read, very much correct from J. Bezos:
"Stress primarily comes from not taking action over something that you can have some control over. So if some particular thing is causing me to have stress, that is a warning flag. "
"Stress primarily comes from not taking action over something that you can have some control over. So if some particular thing is causing me to have stress, that is a warning flag. "
threadreaderapp.com/thread/18788...
16 years ago, the EU and US economies were neck and neck.
Today, the US economy is 50% larger than the entire EU combined.
Here's the devastating truth behind Europe's ongoing economic suicide.
16 years ago, the EU and US economies were neck and neck.
Today, the US economy is 50% larger than the entire EU combined.
Here's the devastating truth behind Europe's ongoing economic suicide.
Thread by @itsolelehmann on Thread Reader App
@itsolelehmann: I'm German. 16 years ago, the EU and US economies were neck and neck. Today, the US economy is 50% larger than the entire EU combined. Here's the devastating truth behind Europe's ongo...
threadreaderapp.com
February 3, 2025 at 3:33 PM
threadreaderapp.com/thread/18788...
16 years ago, the EU and US economies were neck and neck.
Today, the US economy is 50% larger than the entire EU combined.
Here's the devastating truth behind Europe's ongoing economic suicide.
16 years ago, the EU and US economies were neck and neck.
Today, the US economy is 50% larger than the entire EU combined.
Here's the devastating truth behind Europe's ongoing economic suicide.
That is the engineering we need to see.
February 3, 2025 at 3:33 PM
That is the engineering we need to see.
Something I saw recently about finding an idea for startup or a project:
1. What am I good at, better than others?
2. Help people with this thing.
3. Prove your solution works. Validate the idea.
4. Monetize it!
Create:Brand Identity Map + Business Plan (Not with AI!)
1. What am I good at, better than others?
2. Help people with this thing.
3. Prove your solution works. Validate the idea.
4. Monetize it!
Create:Brand Identity Map + Business Plan (Not with AI!)
February 3, 2025 at 3:31 PM
Something I saw recently about finding an idea for startup or a project:
1. What am I good at, better than others?
2. Help people with this thing.
3. Prove your solution works. Validate the idea.
4. Monetize it!
Create:Brand Identity Map + Business Plan (Not with AI!)
1. What am I good at, better than others?
2. Help people with this thing.
3. Prove your solution works. Validate the idea.
4. Monetize it!
Create:Brand Identity Map + Business Plan (Not with AI!)