Zee · @zyz
69 followers · 2275 posts · Server mas.to

SO timely!

I’ve recently been on the market for certain tech that has lead me to add products to my short list.

Not anymore!

‘Smart’ Garage Door Company Nukes Key After Ignoring For Months | Techdirt

techdirt.com/2023/04/13/smart-

#homesecurity #doorlocks #security #iot #vulnerability #feature #nexx

Last updated 2 years ago

DJW · @wurzbacher
343 followers · 142 posts · Server ohai.social

Ars buried the lede re Nexx devices.

Turns out there were three months of private comms from researcher to Nexx, to which they apparently failed to respond. While also failing to fix any part of this glaring idiocy.

geeknews.chat/@arstechnica/110

#iot #nexx #security

Last updated 2 years ago

GeekProjects News · @news
4 followers · 3116 posts · Server geekprojects.com
IT News · @itnewsbot
3074 followers · 255592 posts · Server schleuss.online

This Week in Security: Cookie Monster, CyberGhost, NEXX, and Dead Angles - “Operation Cookie Monster” ranks as one of the best code names in recent memory. A... - hackaday.com/2023/04/07/this-w

#vpn #nexx #news #securityhacks #hackadaycolumns #supplychainattack #thisweekinsecurity

Last updated 2 years ago

ITSEC News · @itsecbot
1235 followers · 34450 posts · Server schleuss.online
Al · @mral
60 followers · 1539 posts · Server mastodon.sdf.org

security on the IoT, Internet Of Things.

"...worn-out cliché that the S in IoT—short for the umbrella term Internet of Things—stands for security. ..."

arstechnica.com/information-te
"A universal password that’s easy to find"
that phrase alone should scare you.

TL;DR unplug your garage door opener and other devices from the internet.

#security #iot #nexx #internet

Last updated 2 years ago

Sander Goudswaard · @sgoudswaard
114 followers · 194 posts · Server mastodon.green

#nexx

Last updated 2 years ago

PrivacyDigest · @PrivacyDigest
278 followers · 1056 posts · Server mas.to

Open garage doors anywhere in the world by exploiting this “smart” device

Each $80 device used to open and close garage doors and control home alarms and smart power plugs employs the same easy-to-find universal to communicate with servers. The controllers also broadcast the email address, device ID, first name, and last initial corresponding to each one

arstechnica.com/?p=1929120

#privacy #unencrypted #nexx #password #security

Last updated 2 years ago

Dave Rahardja · @drahardja
743 followers · 3048 posts · Server sfba.social

“Researcher Sam Sabetan found that devices use the same password to communicate with the Nexx cloud.”

“Nexx has consistently ignored communication attempts from myself, the Department of Homeland Security, and the media.”

Fucking hell.

If you have a device, UNPLUG IT RIGHT NOW.

Hello @internetofshit

“Open garage doors anywhere in the world by exploiting this “smart” device”

arstechnica.com/information-te

#nexx

Last updated 2 years ago

IT News · @itnewsbot
3066 followers · 255241 posts · Server schleuss.online

Open garage doors anywhere in the world by exploiting this “smart” device - Enlarge (credit: Getty Images)

A market-leading garage door co... - arstechnica.com/?p=1929120

#iot #nexx #biz #garagedoor #internetofthings

Last updated 2 years ago

Tech news from Canada · @TechNews
427 followers · 11863 posts · Server mastodon.roitsystems.ca

Ars Technica: Open garage doors anywhere in the world by exploiting this “smart” device arstechnica.com/?p=1929120 &IT

#Tech #arstechnica #it #technology #internetofthings #garagedoor #biz #nexx #iot

Last updated 2 years ago

sdolan · @sdolan
37 followers · 11 posts · Server macaw.social

If you have a you might want to turn it off.

Use of Hard-coded Credentials CWE-798 (CVE-2023–1748, CVSS3.0: 8.6)

Authorization Bypass Through User-Controlled Key CWE-639 (CVE-2023–1749, CVSS3.0: 6.5)

Authorization Bypass Through User-Controlled Key CWE-639 (CVE-2023–1750, CVSS3.0: 7.1)

Improper Input Validation CWE-20 (CVE-2023–1751, CVSS3.0: 7.5)

Improper Authentication Validation CWE-287 (CVE-2023–1752, CVSS3.0: 8.1)

vice.com/en/article/pkadqy/hac

#nexx #cve

Last updated 2 years ago

Motherboard · @Motherboard
299 followers · 471 posts · Server federated.press

A security researcher found a series of vulnerabilities with the Nexx brand of smart garage openers. He says he could remotely find garages to target, and then open them across the internet.
vice.com/en/article/pkadqy/hac

#cyber #hacking #worldnews #worldprivacy #hackers #nexx #smartdevices #internetofthings

Last updated 2 years ago

motourer.de · @motourer
12 followers · 60 posts · Server mastodon.online