Security News

Critical MQTT-Related Bugs Open Industrial Networks to RCE Via Moxa

2022-02-11 21:51

The MXview software uses the MQTT server to distribute most of its IPC/RPC messages, they added, and most of the MXview APIs use the MQTT protocol to receive and handle requests. Mosquitto enables MQTT over Websockets, so that users can receive MQTT data via a web browser.

#critical #mqtt #RCE #CVE-2021-38458 #CVE-2021-38454

EMQ X Cloud now available on Microsoft Azure to help users carry out their IoT projects with MQTT

2021-07-28 01:00

EMQ announced that EMQ X Cloud is now available on Microsoft Azure. EMQ X Cloud is a fully managed MQTT service built on the worldwide used open-source MQTT broker - EMQ X, which has more than 10 million downloads and hundreds of thousands of deployments around the globe.

#azure #cloud #IOT #microsoft #mqtt

ETSI completes set of IoT MQTT and CoAP testing standards

2021-07-20 03:30

The ETSI committee on Methods for Testing and Specifications has recently completed a first set of seven standards addressing the testing of the IoT MQTT and CoAP protocols, and the foundational security IoT-Profile. "These new standards fill the gaps for the quality assessment of some of the most relevant communication protocols and system requirements of today's industrial IoT systems using standardized testing techniques from ETSI," says Axel Rennoch, Chair of the ETSI working group Testing in TC MTS. The ETSI testing standards.

#etsi #IOT #mqtt

DoS vulns in 3 open-source MQTT message brokers could leave users literally locked out of their homes or offices

2021-06-08 13:05

Synopsys Cybersecurity Research Centre has warned of easily triggered denial-of-service vulnerabilities in three popular open-source Internet of Things message brokers: RabbitMQ, EMQ X, and VerneMQ. The message brokers, responsible for handling data sent to or from IoT devices like smart home hubs and door locks, all share a common protocol: Message Queuing Telemetry Transport, first released in 1999 for monitoring oil pipelines and since repurposed for a variety of home and industrial automation tasks. Any disruption in MQTT messaging could potentially leave users locked out of their homes and offices.

#DOS #mqtt #office #opensource #CVE-2021-33175 #CVE-2021-22116 #CVE-2021-33176

Smart homes can be easily hacked via unsecured MQTT servers

2018-08-20 15:53

The Internet of Things is full of security holes, and the latest one has been pointed out by Avast researcher Martin Hron: unsecured MQTT servers. What is MQTT? The Message Queuing Telemetry...

#hacked #mqtt #server #smart

Open MQTT Servers Raise Physical Threats in Smart Homes

2018-08-16 13:44

Misconfigured DIY smart-home hubs for home automation could allow attackers to track owners’ movements, see if smart doors and windows are opened or closed, and even open garage doors.

#mqtt #server #smart #threat

Security News {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Security News"}]}