The Miele PG 8528 is a "washer-disinfector" intended for hospitals and other locations with potentially dangerous pathogens on their dirty dishes; it's networked and smart. And dumb.
The PG 8528 is vulnerable to a web server directory traversal attack; connect to it with a browser and you can break out of its web server and attack its whole filesystem, implanting malware that you can use to attack other devices on the network (like this widely used automated drug cabinet with 1600+ known vulnerabilities and no new patches coming).
The PG 8528 isn't supposed to be connected to the public internet, but at least one has been spotted in the wild, because being good at running a hospital doesn't make you good at information security.
Miele was notified of the bug, but, after a cursory followup, dropped it and pretended it didn't matter.
But at some point, at least one of these dishwashers was connected and findable on the internet, according to Dan Tentler, a security researcher who's one of the best at finding internet of things that shouldn't be online.
"This is fucking hilarious. A dishwasher on the internet," Tentler told Motherboard in an online chat, explaining that it's possible he might be able to find more in the future, now that he knows how to look for them.
A Hackable Dishwasher Is Connecting Hospitals to the Internet of Shit
The United States Internal Revenue Service says it purchased access to a marketing database that offers location data for millions of US cellphones, so the IRS can identify and track persons suspected of tax-related crimes.
Following the discovery and prompting of a security researcher at Awake Security, Google says it has removed 106 malicious Chrome extensions that had 32 million downloads, and which were gathering browsing history and sensitive credentials from users.
Video-calling app Zoom has been on the end of sharp criticism for security weaknesses. In response, they announced today a plan to offer end-to-end encryption for all users, with a trial to begin next month.
With all due respect to our vegetarian friends, there might be nothing more intrinsically linked to the 4th of July holiday than a big ole cookout. Sure, fireworks and celebrating the birth of a constitutional republic are great too, but showing off your cooking prowess with a brilliantly seared, mouth-watering slab of grade-A American beef […]
We’re at the midway point of 2020. So…how’s the year going for you so far? Yeah…we can guess. But while there’s a lot about 2020 we can’t directly control, maybe a little retail therapy can help make you feel better. Sure, the 39 items we gathered together can absolutely bring a smile to your face. […]
When revved-up kids used to dribble a basketball through the kitchen or practice their footwork with a soccer ball in front of the television, exasperated parents would often just send ‘em outside to play. But these days, sending kids out might not be the best course of action. Despite all the changes, many budding young […]