#minut — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #minut, aggregated by home.social.

  1. SECURITY ADVISORY - PUBLIC DISCLOSURE
    2024-11-14

    Minut M2 (P2/Point) IoT devices with firmwares up to and including #15142 are susceptible to hostile takeover by a physically proximate attacker. The vendor was notified 2024-08-16 and any device in active use should have received updated firmware.

    These devices are marketed towards the short-term rental market; thus the intended use case is for possible attackers to have physical access, and the attack can be performed through the externally accessible USB-C port. The attack gives full persistent control over the device and can be used to invalidate the intended notifications for the short-term rental host regarding noise levels and occupancy by guests. It's also possible for an attacker to persist surveillance code that will spy on other guests and/or the host and exfiltrate over the network.

    The attacker needs to have crafted new firmware in advance using keys extracted from any other Minut M2 device running firmware #15142 or below.

    Minut M2 owners should verify that their devices have received a recent firmware update to at least version #1056696.

    Vendor website: minut.com

    Research and reporting by Troed Sångberg, Amlisoft AB

    #NoCVE #CyberSecurity #IoT #Minut