Tip 01 De iPhone Xs heeft twee verschillende camera’s die samenwerken om betere
After setting up a rogue Wi-Fi access point, which could be placed at a tourist attraction, and once the camera is in range and connected, an exploit is run that accesses the SD card and encrypts any photos it contains.
Check Point Software noticed that the Picture Transfer Protocol (PTP) - which is unauthenticated in both wired and wireless modes - is particularly vulnerable to malware attacks. But while this particular model was chosen for the experiment, researchers warn that any internet-connected digital camera could be vulnerable to the attacks.
Do not connect the camera to a PC or mobile device that is potentially exposed to virus infections.
The critical flaw in Canon's Picture Transfer Protocol was reveled by Security Company Check Point Research during Hacking Conference DEF CON 2019.
The researchers say there are a few things camera owners can do to avoid being infected: make sure the camera is using the latest version issued by the firm, and install a patch if available; turn off the camera's WiFi when not in use; when using WiFi, use the camera as the WiFi access point, rather than connecting the camera to a public WiFi network. The attack could ultimately end up with the photos on the camera being locked by ransomware.
Unless photography is your career, photos might not seem like the juiciest ransomware target, but in terms of sentimental value, they can be right up there as the researchers note.
While malware on a camera might not sound like an immediate issue for an enterprise, it's entirely possible that a compromised device could be used as a stepping stone for other attacks.
"Initially focused on image transfer, this protocol has evolved to include dozens of different commands that support anything from taking a live picture to upgrading the camera's firmware", the report says. "Our research is just one more example to the relatively low state of security in day-to-day embedded devices", he added. Since then, they've worked together with Canon to patch the vulnerabilities that were found, which is why these findings were released alongside an official Security Advisory from Canon itself.
If you use a Canon DSLR and haven't seen a firmware update in a while, it's probably an excellent idea to keep an eye on Canon's support page until you do.
The details of the vulnerability and how it was exploited are complicated, and you can read all about it on Check Point Research's website.
Noticias recomendada
- Wall St drops at open as trade war stokes fears of recession
- Google Services Going Passwordless on Android
- Schedule release: Celtics open season October 23 in Philly
- Missy Elliott To Receive MTV's Vanguard Award At Upcoming VMAs
- Cinco niños mueren tras incendio de guardería en Estados Unidos
- Thai racer Albon trades places with Gasly on Red Bull F1 team
- Five killed in test accident at state nuclear company in Russian Federation
- With additional security shortcomings, WhatsApp faces a safety issue ahead
- Argandoña arribó oficialmente a "Bienvenidos" como coanimadora — Volvió
- FIFA World Cup: A tournament for everyone
