SO timely!
I’ve recently been on the market for certain tech that has lead me to add #Nexx products to my short list.
Not anymore!
‘Smart’ Garage Door Company Nukes Key #Feature After Ignoring #Vulnerability For Months | Techdirt
https://www.techdirt.com/2023/04/13/smart-garage-door-company-nukes-key-feature-after-ignoring-vulnerability-for-months/
#IOT #security #DoorLocks #HomeSecurity
#homesecurity #doorlocks #security #iot #vulnerability #feature #nexx
This Week in Security: Cookie Monster, CyberGhost, NEXX, and Dead Angles https://hackaday.com/2023/04/07/this-week-in-security-cookie-monster-cyberghost-nexx-and-dead-angles/ #ThisWeekinSecurity #supplychainattack #HackadayColumns #SecurityHacks #News #NEXX #vpn
#ThisWeekinSecurity #supplychainattack #HackadayColumns #SecurityHacks #News #nexx #vpn
This Week in Security: Cookie Monster, CyberGhost, NEXX, and Dead Angles - “Operation Cookie Monster” ranks as one of the best code names in recent memory. A... - https://hackaday.com/2023/04/07/this-week-in-security-cookie-monster-cyberghost-nexx-and-dead-angles/ #thisweekinsecurity #supplychainattack #hackadaycolumns #securityhacks #news #nexx #vpn
#vpn #nexx #news #securityhacks #hackadaycolumns #supplychainattack #thisweekinsecurity
US government warning! What if anyone could open your garage door? - Grab a message/Play it back/You've just performed/A big phat hack... https://nakedsecurity.sophos.com/2023/04/05/us-government-warning-what-if-anyone-could-open-your-garage-door/ #responsibledisclosure #vulnerability #vulnerbility #cybercrime #privacy #hacking #nexx #iot
#iot #nexx #hacking #privacy #cybercrime #vulnerbility #vulnerability #responsibledisclosure
security on the IoT, Internet Of Things.
"...worn-out cliché that the S in IoT—short for the umbrella term Internet of Things—stands for security. ..."
https://arstechnica.com/information-technology/2023/04/open-garage-doors-anywhere-in-the-world-by-exploiting-this-smart-device/
"A universal password that’s easy to find"
that phrase alone should scare you.
TL;DR unplug your garage door opener and other devices from the internet.
#security #iot #nexx #internet
Open #Nexx garage doors anywhere in the world by exploiting this “smart” device https://arstechnica.com/information-technology/2023/04/open-garage-doors-anywhere-in-the-world-by-exploiting-this-smart-device/
Open garage doors anywhere in the world by exploiting this “smart” device
Each $80 device used to open and close garage doors and control home #security alarms and smart power plugs employs the same easy-to-find universal #password to communicate with #Nexx servers. The controllers also broadcast the #unencrypted email address, device ID, first name, and last initial corresponding to each one
#privacy
#privacy #unencrypted #nexx #password #security
“Researcher Sam Sabetan found that devices use the same password to communicate with the Nexx cloud.”
“Nexx has consistently ignored communication attempts from myself, the Department of Homeland Security, and the media.”
Fucking hell.
If you have a #Nexx device, UNPLUG IT RIGHT NOW.
Hello @internetofshit
“Open garage doors anywhere in the world by exploiting this “smart” device”
Open garage doors anywhere in the world by exploiting this “smart” device - Enlarge (credit: Getty Images)
A market-leading garage door co... - https://arstechnica.com/?p=1929120 #internetofthings #garagedoor #biz #nexx #iot
#iot #nexx #biz #garagedoor #internetofthings
Ars Technica: Open garage doors anywhere in the world by exploiting this “smart” device https://arstechnica.com/?p=1929120 #Tech #arstechnica #IT #Technology #Internetofthings #garagedoor #Biz&IT #nexx #iot
#Tech #arstechnica #it #technology #internetofthings #garagedoor #biz #nexx #iot
If you have a #nexx you might want to turn it off.
#cve
Use of Hard-coded Credentials CWE-798 (CVE-2023–1748, CVSS3.0: 8.6)
Authorization Bypass Through User-Controlled Key CWE-639 (CVE-2023–1749, CVSS3.0: 6.5)
Authorization Bypass Through User-Controlled Key CWE-639 (CVE-2023–1750, CVSS3.0: 7.1)
Improper Input Validation CWE-20 (CVE-2023–1751, CVSS3.0: 7.5)
Improper Authentication Validation CWE-287 (CVE-2023–1752, CVSS3.0: 8.1)
A security researcher found a series of vulnerabilities with the Nexx brand of smart garage openers. He says he could remotely find garages to target, and then open them across the internet.
https://www.vice.com/en/article/pkadqy/hackers-can-remotely-open-smart-garage-doors-across-the-world-simpaltek
#CYBER #Hacking #worldnews #worldprivacy #hackers #nexx #smartdevices #InternetofThings
#cyber #hacking #worldnews #worldprivacy #hackers #nexx #smartdevices #internetofthings
new helmet in the wardrobe
#motorcycle #advrider #enduro #nexx #nexxhelmet #helmet #bikelife
#bikelife #helmet #nexxhelmet #nexx #enduro #advrider #motorcycle