My latest research is out today. USBAnywhere let's you plug in any USB device to Supermicro servers over IP. More over at Eclypsium's blog: https://eclypsium.com/2019/09/03/usbanywhere-bmc-vulnerability-opens-servers-to-remote-attack/
My son noticed our unlocked ZTE Trek 2 HD tablet showed LTE on Google Fi but Firefox claimed it was offline. Best I can gather, AT&T/ZTE stopped shipping updates after Android 7.1. Guessing Fi won't let such an old patch level on the network. Trying to update to LineageOS has been 2 hours of frustration due to bootloader nonsense. Tablets aren't supposed to be disposable.
I spent all day looking for vulns in a IoT clothes dryer. What did I find?
* HTTPS to talk to backend service
* XMPP w/ STARTTLS to steam events
* Cert pinning so no MitM
* Android app obfuscated w/ no obvious backend URLs or certs
* Dryer runs an AP for initial setup w/ DHCP and HTTPS servers
* That HTTPS requires auth with a password printed on a label near the door
Best I could do was get the DHCP server to serve the same IP to every request.
Well done GE.