If this is the same one I remember from a couple years back, what’s not listed in this article: two different security teams warned them of the vulnerabilities multiple times, the vendor claimed to have fixed the issue when they hadn’t, the devices didn’t have any sort of physical bypass in case of malfunction, and what finally convinced the pen testers to go public was the company announcing that they planned to make a locking inflatable butt plug using the same platform.
If this is the same one I remember from a couple years back, what’s not listed in this article: two different security teams warned them of the vulnerabilities multiple times, the vendor claimed to have fixed the issue when they hadn’t, the devices didn’t have any sort of physical bypass in case of malfunction, and what finally convinced the pen testers to go public was the company announcing that they planned to make a locking inflatable butt plug using the same platform.
At some point the security vulnerabilities are a feature, not a bug. Butt plug ransomware is the latest sex toy fad.
It’s a new story, and the article doesn’t reveal the company… but… we all know which one it is.