An IoT educational exercise reveals a far-reaching vulnerability. [Research Saturday]

Guest Jake Valletta, Director of Professional Services at Mandiant, joins Dave to talk about the critical vulnerability Mandiant disclosed that affects millions of IoT devices. Mandiant disclosed a critical risk vulnerability in coordination with the Cybersecurity and Infrastructure Security Agency (“CISA”) that affects millions of IoT devices that use the ThroughTek “Kalay” network. This vulnerability, discovered by researchers on Mandiant’s Red Team in late 2020, would enable adversaries to remotely compromise victim IoT devices, resulting in the ability to listen to live audio, watch real time video data, and compromise device credentials for further attacks based on exposed device functionality. These further attacks could include actions that would allow an adversary to remotely control affected devices. The research can be found here: Mandiant Discloses Critical Vulnerability Affecting Millions of IoT Devices