|Заголовок=Philips Hue |Компания-разработчик= |Дата_релиза=2020/10/06 |Заголовок_для_новости= |Дата_публикации=2020/10/07 10:00:24 |Главная_новость=No |Отраслевая_новость=No |Fin_новость=No |Не_отправлять=No |Выводить_на_вторых=No |Выводить_в_рассылках=No |Заблокировать_публикацию=No |Заблокировать_кроме_шапки=No |Выделить_красным=No |Выделить_жирным=No |zdrav=No |Нет_рекламы_внутри=No |Нет_английской=No |Только_английская=No |Убрать_блок_заказчиков=No |Технологии= |Событие_повторяемое=No |В_календарь_на_главной=No |В_календарь=No |В_рекламный_календарь=No |Выделить=No

Content 2020 == == == Vulnerability that allows hackers to enter networks using an exploit in the protocol ZigBee

==

2020

==

==

==

When a long trip is planned, the Philips Hue system can be configured to turn on lights in the evenings at different times, mimicking the presence of people in the house. In addition, with the Philips Motion Sensor - a separate motion sensor - you can set the outdoor and indoor lights so that they light up when you register activity and warn you about unsupervised guests. This will help to be more vigilant. Also with Philips Hue you will no longer have to return to the dark house - a special application will determine your approach and will meet you with the lights already on.

Light that creates an ideal atmosphere for all activities

Philips Hue's smart lighting will be an indispensable solution for creating a cozy meeting with friends, a fun party or watching a football match on TV. For example, Philips Hue Play, capable of playing 16 million colors, can be connected to a TV using a laptop. So, the lighting will change depending on the image, music or games, creating adaptive dynamic lighting and amplifying the impression.

Light That Helps Everyday Life

Proper lighting will help you spend the day more efficiently. Phililps Hue is always ready to help wake up smoothly, charge with energy during breakfast, set up children to perform school tasks or provide the right lighting for reading and relaxing at the end of a busy day. Moreover, Philips Hue light solutions can be customized to suit your biorhythms. For example, the Philips Hue Bloom, Philips Hue Iris and Philips Hue Go series of lights can be used not only as a pretty night and point light source, but also as an alarm clock - they are easy to adjust to a smooth increase in brightness so that the bedroom gradually fills with light, and awakening was more pleasant. When it comes time to go to bed, you can set a mode of gradual fading of light in the room, which helps to relax faster and sleep firmly.

In Russia, Philips Hue light solutions will be available on store shelves and for purchase online from June 2020. Philips Hue Color Ambiance Starter kit E27, which includes 3 lamps for color lighting, will go on sale. You can also separately buy Philips Hue light strip LED tape and Philips Hue Play and Philips Hue Go lamps. In the second half of 2020, Signify will continue to expand the Philips Hue product range in the Russian market: Philips Hue Bloom and Philips Hue Iris lamps will go on sale, as well as the Philips Hue White Starter kit for classic lighting.

Vulnerability that allows hackers to enter networks using an exploit in the protocol ZigBee

On February 6, 2020, Check Point Software Technologies reported vulnerabilities that could allow a hacker to deliver ransomware or other malware to office and home networks by capturing smart bulbs and their controller.

Check Point researchers described how hackers can use IoT a network (smart light bulbs and the network bridge that controls them) to run attacks on conventional computer networks in homes, businesses, or even in. smart cities The researchers worked with market-leading smart lamps and Hue bridges Philips. They discovered vulnerabilities (CVE-2020-6007) that allowed them to enter networks using a remote exploit in a low- ZigBee wireless protocol energy consumption that is used to control a large number of IoT devices.

According to the company, in a study of the safety of smart light bulbs controlled using the ZigBee protocol, which was published in 2017, experts were able to gain control of the Hue light bulb on the network, install malicious on it ON and distribute it to other neighboring light bulb networks. Using the remaining vulnerability, Check Point researchers used the Philips Hue light bulb as a platform to fully control the network lamp control bridge. It should be noted that the next generations of Hue light bulbs have no exploitable vulnerability.

The attack is as follows:

• The hacker changes the color or brightness of the lamp to deceive users: this makes them think that the lamp is failing. The lamp appears as Unavailable in the custom management application, so owners will try to reset the settings.
• The only way to reset the settings is to remove the light bulb from the application, and then instruct the control network bridge to re-detect the lamp.
• The control bridge detects a lamp compromised by hackers, and it is its user who adds it back to his network.
• A hacker-controlled lamp with updated firmware uses ZigBee protocol vulnerabilities to cause a buffer overflow on the control bridge, sending it a large amount of data. This data also allows the hacker to install malware on a bridge, which, in turn, is connected to the right company or home network.
• The malware connects back to the hacker and the attacker, using a well-known exploit (for example, such as EternalBlue), can enter the desired IP network from the bridge to distribute ransomware or spyware.

Many of us know that IoT devices can be unsafe. This study shows that even the most common, seemingly simplest devices, such as light bulbs, can be used by hackers to seize networks and introduce malware. It is important that organizations and regular users protect themselves from possible attacks by regularly updating their devices and separating them from other computers on their networks. This is necessary to limit the possible spread of malware. For February 2020, in the complex landscape of fifth-generation attacks, it is necessary to control everything related to our networks. told Yaniv Balmas, Head of Cyber Research at Check Point Research

The study, conducted with the help information security of the Check Point Institute (CPIIS) in, Tel Aviv university was disclosed to Philips and (Signify owner of the Philips Hue brand) in November 2019. Signify confirmed the existence of a vulnerability in their product, and released a fixed version of Firmware 1935144040, which is available through automatic updates in February 2020.