Ethically Hacking into Children's IoT Devices

Logo
Presented by

Senior Security Consultant, Elliott Thompson

About this talk

Join Elliott Thompson, SureCloud's Senior Security Consultant as he discusses a critical disclosure discovered on the children's VTech Storio Max tablet, which allowed attackers full access to the device including the webcam, speakers and microphone. This interactive session will cover the following: •How to approach unusual devices from a methodology standpoint •Identifying how manufacturers can break a secure base (Android phone with Vtech software) •Triaging of the custom parts of devices •How accessible ARM assembly can be The disclosure was reported to VTech, and a patch fixing the vulnerability was released within 30 days. The vulnerability was granted a CVE, and the story was featured on the BBC and at InfoSec’s Geek Street.

Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (70)
Subscribers (10516)
SureCloud provides Cloud-based GRC Applications and Cybersecurity Services that help our customers achieve an integrated approach to managing their risk, compliance and information security. The SureCloud Platform is simple but powerful technology that gives our customers a single source to view and manage GRC and cybersecurity processes from anywhere in the world. Our customers benefit from automating formerly spreadsheet-driven processes but increasingly from addressing strategic initiatives such as the EU GDPR, ISO 27001, IRAM2, NIST, PCI and others. Check our CYBERSECURITY content here: https://www.brighttalk.com/channel/17769/ Register to our USA channel here: https://www.brighttalk.com/channel/17677/