Ethically Hacking into Children's IoT Devices

Logo
Presented by

Senior Security Consultant, Elliott Thompson

About this talk

Join Elliott Thompson, SureCloud's Senior Security Consultant as he discusses a critical disclosure discovered on the children's VTech Storio Max tablet, which allowed attackers full access to the device including the webcam, speakers and microphone. This interactive session will cover the following: •How to approach unusual devices from a methodology standpoint •Identifying how manufacturers can break a secure base (Android phone with Vtech software) •Triaging of the custom parts of devices •How accessible ARM assembly can be The disclosure was reported to VTech, and a patch fixing the vulnerability was released within 30 days. The vulnerability was granted a CVE, and the story was featured on the BBC and at InfoSec’s Geek Street.

Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (13)
Subscribers (544)
SureCloud also offers a wide range of Cybersecurity testing and assurance services, where we stay with you throughout the entire test life-cycle from scoping through to vulnerability discovery and remediation. Certified by the National Cyber Security Centre (NCSC) & CREST and delivered using the innovative Pentest-as-a-Service (underpinned by a highly configurable technology platform), SureCloud acts as an extension of your in-house security team and ensures you have everything you need to improve your risk posture.