CVE-2022-46480, CVE-2023-26941, CVE-2023-26942, CVE-2023-26943

Introduction: The following technical report provides background information relating to four CVEs found in the following products: Ultraloq UL3 BT (2nd Generation) (Firmware 02.27.0012) – CVE-2022-46480; Yale Conexis L1 Smart Lock (Firmware v1.1.0) – CVE-2023-26941; Yale IA-210 Intruder Alarm (Firmware v1.0) – CVE-2023-26942; Yale Keyless Smart Lock (Firmware v1.0) – CVE-2023-26943. The work discussed here …

In Defence of Academic Qualifications in Cybersecurity

The consensus at the moment seems to be that academic qualifications for cybersecurity are expensive, out of date, and do not prepare students for life in the real world. I agree. However, that does not mean they are not useful, and indeed I would say that they are probably the first thing hiring managers should …

Smart Security Device RFID Vulnerability Disclosure

The details below discuss the vulnerabilities found in the following devices: The use of low-frequency (LF) RFID tags is a significant security issue. These tags do not support any form of encryption and so can be read using an NFC-equipped mobile phone or dedicated reader in under a second. The only information encoded is a …

Wireless Smart Lock Vulnerability Disclosure

The details below discuss the vulnerabilities found in the following devices: WAFU Keyless Smart Lock (firmware v1.0) – CVE-2023-34553. An attacker can use a software-defined radio to capture commands sent to the alarm from the remote keyfob. As no rolling code is implemented, it is a simple matter to play back the code and gain …

Wireless Alarm System Vulnerability Disclosure

The details below discuss the vulnerabilities found in the following devices: All of the devices above demonstrate the same security weakness. An attacker can use a software-defined radio to capture commands sent to the alarm from the remote keyfob. As no rolling code is implemented, it is a simple matter to play back the code …

Wireless Alarm System Vulnerabilities

Recently I had a chance to look at a number of intruder alarm systems sold via Amazon and eBay. These devices sell for up to £150, and a number are best sellers. As discussed in my last post, RF frequency communication can be captured relatively easily using a software-defined radio (SDR). All four devices use …

Hacking 433MHz Radio – An Overview

Have you ever wondered how wireless devices like remote controls or wireless sensors work? Chances are they use 433MHz radio technology. However, as with any technology, 433MHz radio signals can be vulnerable to hacking and exploitation. In this blog post, we’ll take a closer look at how 433MHz radio signals work, the tools and techniques …

Starting off – how to begin IoT hacking

I thought I’d give some brief references for anyone interested in IoT hacking. My experience here is fairly comprehensive; I have a couple of CVEs already, with a few more in the pipeline. My Masters dissertation was on the topic, and I am writing papers on it as part of my PhD work. BOOKS: There …