Reports have broken that the Metaspoilt tool, which can be used to maneuver through networks, servers and even OSes, is now being used to control the physical world. Researchers have discovered a new addition on Metaspoilt that extends Metaspoilts capabilities into hardware devices. Cesare Garlati, Chief Security Strategist at the prpl Foundation commented below.
Cesare Garlati, Chief Security Strategist at the prpl Foundation:
“Being an advocate of open source, prpl welcomes the ability for Metaspoilt to be used to test hardware, which is often neglected in pentesting typically limited to networks and network connectivity. Hardware is critical to journey to securing IoT devices.
“While the Metaspoilt update brings with it the potential for more vulnerabilities to be discovered, I think it must be used responsibly, with ethical hackers giving vendors enough time to address problems before they are disclosed to the wide world.
“It will be a wake up call to device manufacturers to take the security of hardware in connected devices more seriously and in fact hardware is the key to making security more robust in connected devices. It also further confirms that security through obscurity just doesn’t work anymore and it’s time for a more proactive approach to securing embedded devices including using open source, security through separation with hardware virtualisation and a root of trust established at the hardware level.
“Overall, this is a positive step for connected device security.”
Most Commented Posts
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Celebrating Data Privacy Day – 28th January 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Most Active Commenters
Recent Comments
Chat systems such as Slack and Teams need to be…
“This is a sophisticated phishing scam that will catch out…
“Cybersecurity is increasingly complex, in part, due to the interconnected…
“Unfortunately, time and time again we see NGOs, hospitals and…
As I have always said - it is verified trust…