Einschränkung der Auswahl
Alle Artikel aus
2019
2018
2017
2016
2015
2014
2013
2012
2011
2010
2008/2009
oder nur Artikel des
• Entwickler Magazin aus
2019
2018
2017
2016
2015
2014
2013
2012
2011
2008-2010
alle (lang!)
• Mobile Technology aus
2019
2016
2015
2014
2012/2013
alle (lang!)
• PHP Magazin / PHP User aus
2019
2018
2017
2016
2015
2014
2013
2012
2011
2009/2010
alle (lang!)
• windows.developer / dot.Net Magazin aus
2019
2018
2017
2016
2015
2014
2013
2012
2008-2011
alle (lang!)
• oder der anderen Magazine
Embedded (In)security
Wie sieht es mit der Sicherheit von Embedded Devices aus?
Im
windows.developer 10.2013
ist ein Artikel über die Sicherheit von Embedded Devices erschienen.
Vorgestellt werden theoretische und praktische Angriffe auf verschiedene
Embedded Devices wie zum Beispiel
- die Steuerrechner von Druckern und Multifunktionsgeräten,
- allgemein die Webserver in Embedded Devices sowie
- Insulinpumpen und andere Medizintechnik im und am Menschen.
Links
- [1] Carsten Eilers: "Google Hacking: Portale und Netzwerkhardware finden"
- [2] Paul Ducklin, Sophos: "86,800 network printers open to the whole internet - is one of them yours?"
- [3] Exploit DB: "Brother HL-5370DW series auth bypass printer flooder"
- [4] Graham Cluley, Sophos: "HP LaserJet printers at risk of fiery hacker attack"
- [5] Paul Ducklin, Sophos: "FLAMING RETORT: Putting out the HP printer fires"
- [6] Graham Cluley, Sophos: "Have you patched your printer?"
- [7] Exploit DB: "Lexmark Multiple Laser printer Remote Stack Overflow"
- [8] Paul Roberts, Sophos: "Hard-coded password found in Samsung printers, security fix planned"
- [9] Paul Ducklin, Sophos: "HP printers in 1980s-style firmware misconfiguration boo-boo"
- [10] Graham Cluley, Sophos: "HP patches printer firmware flaw, but leaves customers guessing"
- [11] Carsten Eilers: "Was ist ein Advanced Persistent Threat (APT)?"
- [12] Carsten Eilers: "Drive-by-Infektionen - Gefahren drohen überall"
- [13] Michael Sutton, Black Hat USA 2011: "Corporate Espionage for Dummies: The Hidden Threat of Embedded Web Servers"
- [14] Basic Request Embedded Web Server Scanner (brEWS)
- [15] Internet Census 2012
(alternativ auf
bitbucket.org
- [16] Internet Census 2012: Bilder
- [17] EXFiLTRATED - Internet Census 2012 Search
- [18] Kevin Poulsen, SecurityFocus: "Nachi worm infected Diebold ATMs"
- [19] Vanja Svajcer, Sophos: "Credit card skimming malware targeting ATMs"
- [20] Robert McMillan, CSO Blogs: "Diebold says hackers put Trojan on Russian ATMS"
- [21] Trustwave: "Automated Teller Machine (ATM) Malware Analysis Briefing"
(PDF)
- [22] Brendan Lewis, Juniper: "Juniper’s Decision To Postpone 'Jackpotting Automated Teller Machines'"
- [23] Barnaby Jack, Black Hat USA 2010: "Jackpotting Automated Teller Machines Redux"
- [24] Dennis Fisher, Threatpost: "Throwback Barnaby Jack: Jackpotting ATMs"
- [25] Jerome Radcliffe, Black Hat USA 2011: "Hacking Medical Devices for Fun and Insulin"
- [26] Carsten Eilers: "Gap of War", windows.developer 7.2013
- [27] Barnaby Jack, Black Hat Abu Dhabi 2011: "Life Threatening Vulnerabilities"
- [28] S. Smithson, The Washington Times: "Insulin pumps, other medical devices vulnerable to computer hackers"
- [29] Jim Finkle, Reuters: "Exclusive: Medtronic probes insulin pump risks"
- [30] Jordan Robertson, Blomberg: "Hacker Shows Off Lethal Attack By Controlling Wireless Medical Device"
- [31] Gadi Evron, Chaos Communication Camp 2007: "Hacking the Bionic Man"
- [32] Barnaby J. Feder, The New York Times: "A Heart Device Is Found Vulnerable to Hacker Attacks"
- [33] Daniel Halperin, Thomas S. Heydt-Benjamin, Benjamin Ransford, Shane S. Clark, Benessa Defend, Will Morgan, Kevin Fu, Tadayoshi Kohno, William H. Maisel: "Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses"
(PDF)
- [34] FAQ zu [33]
- [35] Archimedes – Ann Arbor Reserarch Center for Medical Device Security
- [36] Barnaby Jack, IOActive Labs Research: "'Broken Hearts': How plausible was the Homeland pacemaker hack?"
- [37] Barnaby Jack, Black Hat USA 2013: "Implantable Medical Devices: Hacking Humans"
- [38] William Alexander, VICE Canada: "Barnaby Jack Could Hack Your Pacemaker and Make Your Heart Explode"
- [39] Black Hat USA 2013: Remembering Barnaby Jack
- [40] Amanda Holpuch, The Guardian: "Hacker Barnaby Jack dies in San Francisco aged 35"
- [41] Dennis Fisher, Threatpost: "Remembering Barnaby Jack"
- [42] Paul Roberts, Threatpost: "FDA: Software Failures Responsible for 24% Of All Medical Device Recalls"
- [43] Anna Saita, Threatpost: "FDA Urged to More Rigorously Evaluate Medical Devices' Security Risks"
- [44] Dennis Fisher, Threatpost: "Medical Device Security in Need of Major Upgrade"
- [45] Chris Brook, Threatpost: "FDA Warns Medical Device Manufacturers to Take Security More Seriously"
- [46] Die BHKW-Infothek: "Kritische Sicherheitslücke ermöglicht Fremdzugriff auf Systemregler des Vaillant ecoPOWER 1.0"
- [47] Charlie Miller, Black Hat USA 2011: "Battery Firmware Hacking"
- [48] Andy Greenberg, Forbes: "Hackers Reveal Nasty New Car Attacks--With Me Behind The Wheel (Video)"
- [49] ESET We live Security: "'Car hackers' to show off how they can 'control' vehicles with a laptop"
- [50] Candid Wueest, Symantec: "When Car Hacking Turns Your Vehicle into a Video Game"
- [51] Paul Ducklin, Sophos: "What WERE they thinking? Internet-enabled cameras under the security lens once again..."
- [52] Zachary Cutlip, Black Hat USA 2012: "SQL Injection to MIPS overflows: Rooting SOHO Routers"
- [53] Juan Vazquez, Metasploit: "Compromising Embedded Linux Routers with Metasploit"
- [54] Ben Nahorney, Symantec: "Linux.Psybot—Is Your Router Secure?"
- [55] HD Moore, Metasploit: "Whitepaper: Security Flaws in Universal Plug and Play: Unplug, Don't Play."
- [56] Carsten Eilers: "RSA und die schwachen Schlüssel, Teil 2: Die Schlüssel"
- [57] Carsten Eilers: "RSA und die schwachen Schlüssel, Teil 3: Die Gefahren"