Security News > 2021 > April > We need to talk about criminal adversaries who want you to eat undercooked onion rings

We need to talk about criminal adversaries who want you to eat undercooked onion rings
2021-04-20 11:37

Bad news for lockdown slimmers who've ignored advice about not needing to connect every friggin' appliance in their home to the internet: Talos researchers have sniffed out security flaws allowing attackers to hijack your air fryer.

Specifically, Cisco's infosec arm said it had tested and confirmed that the Cosori Smart 5.8-Quart Air Fryer CS158-AF, version 1.1.0, could be exploited by a theoretical fried-chicken-hater.

Attackers can then "Change temperatures, cooking times and settings on the air fryer, or [even] start it without the user's knowledge."

The Internet of Things is a security nightmare, latest real-world analysis reveals: Unencrypted traffic, network crossover, vulnerable OSes.

Cisco's infosec arm advised that folks using open-source network intrusion detection system Snort to sniff out suspicious traffic could detect exploitation attempts using the 56729 rule.

The kicker? "The adversary must have physical access to the air fryer for some of these vulnerabilities to work."


News URL

https://go.theregister.com/feed/www.theregister.com/2021/04/20/cisco_talos_corosi_flaws/