Discover and read the best of Twitter Threads about #cyberAlarm
Most recents (2)
#cyberAlarm is installed in many schools, companies, a Formula 1 team and many more.
The risk it presents to those involved is enormous - I've already remotely lifted files from an internal network because they ran a vulnerable version ()
2/x
The risk it presents to those involved is enormous - I've already remotely lifted files from an internal network because they ran a vulnerable version ()
2/x
With each update, my email inbox fills with desperate network admins who want to push back against management pressure to install it, but can't argue because previous vulns may have been patched.
Because of this, I've torn CA apart 5 times and found critical flaws each time.
3/x
Because of this, I've torn CA apart 5 times and found critical flaws each time.
3/x
This thread is directed towards the increasing number of #EDUs and firms contacting me regarding #Police #cyberAlarm
2 weeks ago, I remotely hacked a cyberAlarm installation upon a request by an EDU. Following a brief review, a number of critical issues came to light
1/x
2 weeks ago, I remotely hacked a cyberAlarm installation upon a request by an EDU. Following a brief review, a number of critical issues came to light
1/x
... prompting a pinned tweet.
Unfortunately, the severity of the issues left me with no choice but to contact @PoliceChiefs
Since then, it's been radio silence for which I can only apologise. However, there's been a hive of activity behind the scenes.
2/x
Unfortunately, the severity of the issues left me with no choice but to contact @PoliceChiefs
Since then, it's been radio silence for which I can only apologise. However, there's been a hive of activity behind the scenes.
2/x
I'm very pleased to say that @PoliceChiefs have been absolutely exemplary throughout. Several emails, 2 video calls and a detailed walk-thru later, they made the difficult decision to take several features offline. This was done within an hour of my first call!
3/x
3/x
