P2P Weakness Exposes Millions of IoT Devices

Krebs on Security

iLnkP2p is bundled with millions of Internet of Things (IoT) devices, including security cameras and Webcams, baby monitors, smart doorbells, and digital video recorders. If the code stamped on your IoT device begins with one of these, it is vulnerable.

IoT 256

How IoT Changes Security

Data Breach Today

Steve Rog of ForeScout Technologies on Improving Security Hygiene The growth of IoT means traditional methods of security are inadequate, says Steve Rog of ForeScout Technologies, who calls for improvements in security hygiene

IoT 208

2 Million IoT Devices Have P2P Software Flaw: Researcher

Data Breach Today

Vulnerabilities Found in Security Cameras, Baby Monitors and More An independent security researcher is warning about a vulnerability in peer-to-peer software used in millions of IoT devices that could allow a hacker to eavesdrop on conversations or turn these items into a botnet

IoT 243

2019 IoT Security Outlook

Data Breach Today

DigiCert just conducted a global study of how organizations across sectors are approaching IoT security. What are some of the best practices of the organizations that emphasize securing connected devices? Mike Nelson of DigiCert shares the findings

IoT 148

The Role of 'Prosilience' in IoT Security

Data Breach Today

The latest edition of the ISMG Security Report features a discussion of the role of "prosilience" in IoT security, plus the problem of overnotification under GDPR and the notion of "Spartacus as a Service

IoT 191

Extinguishing the IoT Insecurity Dumpster Fire

Threatpost

Or will legislation - such as the recent UK mandate announced this week - help boost IoT security? IoT Podcasts Privacy DDoS attack IoT security iot security solution P2P PKI uk iot regulation US IoT BillWill connected devices be insecure forever?

IoT 68

A hacker has taken over at least 29 IoT botnets

Security Affairs

Hacker “Subby” brute-forces the backends of 29 IoT botnets that were using weak or default credentials. A hacker that goes online with the moniker ‘Subby’ took over 29 IoT botnets in the past few week s with brute-force attacks.

IoT 110

Actionable Threat Intel in the IoT Era

Data Breach Today

Vishak Raman of Cisco on Coping With the Expanding Attack Surface The advent of IoT devices and IT/operational technology integration have dramatically expanded the attack surface.

IoT 179

Cataloging IoT Vulnerabilities

Schneier on Security

Recent articles about IoT vulnerabilities describe hacking of construction cranes , supermarket freezers , and electric scooters. hacking internetofthings vulnerabilities

IoT 79

Future-Proofing for IoT Risks

Data Breach Today

Robert Falzon of Check Point Software Technologies outlines IoT risks and how to prepare to mitigate them Check Point's Robert Falzon on Preparing for the Changes to Come The internet of things promises to change how enterprises operate - as well as the cybersecurity risks they will face.

IoT 153

Congress Considers IoT Cybersecurity Legislation - Again

Data Breach Today

Third Attempt at Setting Minimum Standards for Devices Government Uses The U.S.

IoT 219

RSA Conference 2019: Firms Continue to Fail at IoT Security

Threatpost

IoT is growing more popular in the home - and so too are the attacks that target these devices featuring valuable data, researchers said at RSA 2019. Hacks IoT Videos AEG smart scale iot hack IoT security Smart Home smart scale

IoT 90

Securing IoT: Is It Feasible?

Data Breach Today

consumers now own about 870 million IoT devices. In an interview, Al Pascual of Javelin Strategy & Research, discusses the challenges involved in securing the exploding IoT landscape

IoT 100

2 Million IoT Devices Vulnerable to Complete Takeover

Threatpost

IoT Privacy Vulnerabilities "smart" doorbells attack baby monitor iLnkP2P IoT security P2P security camera video stream takeover vulnerabilityMillions of security cameras, baby monitors and "smart" doorbells are open to hijack - and no solution is currently available.

IoT 87

Experts Bemoan Shortcomings with IoT Security Bill

Threatpost

The infosec community say a recently approved IoT security bill is "nice," but doesn't hit on the important issues. IoT Vulnerabilities California Connected devices DDoS iot bill iot law iot password IoT security SB-327

IoT 62

Hackers Take Over IoT Devices to ‘Click’ on Ads

Threatpost

A video interview and Q&A with IoT specialist Dan Demeter of Kaspersky Lab. Featured IoT Security Analyst Summit Videos Vulnerabilities Web Security ad fraud Dan Demeter DDoS Internet of things iot trends Kaspersky Lab Q&A SAS 2019 video

IoT 72

How IoT, AI and blockchain will enable tomorrow’s autonomous supply chain

OpenText Information Management

The supply chain has been impacted by numerous … The post How IoT, AI and blockchain will enable tomorrow’s autonomous supply chain appeared first on OpenText Blogs. Business Network AI automate supply chain autonomous supply chain blockchain IoT supply chain

Authenticating in the Age of IoT

Data Breach Today

Nok Nok Lab's Philip Dunkelberger on Why Traditional Authentication Won't Work With the advent of the internet of things, authentication needs to be far more scalable, says Phillip Dunkelberger, CEO of Nok Nok Labs

IoT Cybersecurity Bill Proposed to Congress

Adam Levin

Congress proposed a bill to improve the security of internet-enabled devices called the Internet of Things (IoT) Cybersecurity Improvement Act of 2019. The post IoT Cybersecurity Bill Proposed to Congress appeared first on Adam Levin.

IoT 66

New IoT Security Regulations

Schneier on Security

While the US government is largely absent in this area of consumer protection, the state of California has recently stepped in and started regulating the Internet of Things, or "IoT" devices sold in the state­and the effects will soon be felt worldwide.

IoT 96

Japan's IoT Security Strategy: Break Into Devices

Data Breach Today

Nation to Allow Researchers to Brute-Force 200 Million Devices Japan plans to identity vulnerable internet of things devices the same way hackers do: by trying to log into them. The country wants to gauge its cybersecurity readiness for next year when it hosts the summer Olympics. If vulnerable devices are found, the plan is to notify device owners

5 IoT Security Predictions for 2019

Security Affairs

2018 was the year of the Internet of Things (IoT), massive attacks and various botnets hit smart devices, These are 5 IoT Security Predictions for 2019. 2018 was the year of the Internet of Things (IoT) – massive attacks and various botnets, a leap in regulation and standards, and increased adoption of IoT devices by consumers and enterprises, despite the existence of security and privacy concerns. IoT Attacks in 2018. Three IoT Attack Avenues for 2019.

IoT 76

IoT Devices: Reducing the Risks

Data Breach Today

Attorney Steven Teppler, who recently wrote a report that addresses risks related to the internet of things, offers insights on risk management steps organizations in all sectors must take as IoT devices proliferate in the enterprise

IoT 113

Podcast: Two Billion IoT Devices Still Vulnerable to BlueBorne Bug

Threatpost

Up to two billion devices are still vulnerable to the BlueBorne IoT attack - and may not ever get a patch. IoT Malware blueborne Bluetooth iot attack IoT security

IoT 71

Consumer IoT Devices Are Compromising Enterprise Networks

Dark Reading

While IoT devices continue to multiply, the latest studies show a dangerous lack of visibility into those connected to enterprise networks

Study 74

AWS FreeRTOS Bugs Allow Compromise of IoT Devices

Threatpost

The bugs let hackers crash IoT devices, leak their information, and completely take them over. IoT Vulnerabilities amazon AWS FreeRTOS IoT security vulnerabilities

IoT 82

Hacking the Twinkly IoT Christmas lights

Security Affairs

Security researchers discovered some flaws in the Twinkly IoT lights that could be exploited display custom lighting effects and to remotely turn off them. The post Hacking the Twinkly IoT Christmas lights appeared first on Security Affairs.

IoT 84

Crypto Agility: Its Importance to IoT

Data Breach Today

Ted Shorter of CSS on the Need to Update Cryptographic Keys What is crypto agility, and why is it so important to IoT? Ted Shorter of Certified Security Solutions offers an explanation

IoT 130

Japan Authorizes IoT Hacking

Dark Reading

A new campaign will see government employees hacking into personal IoT devices to identify those at highest security risk

IoT 73

Japanese Government Will Hack Citizens' IoT Devices

Schneier on Security

The Japanese government's decision to log into users' IoT devices has sparked outrage in Japan. Many of today's IoT and router botnets are being built by hackers who take over devices with default or easy-to-guess passwords.

IoT 104

MY TAKE: Why DDoS weapons will proliferate with the expansion of IoT and the coming of 5G

The Last Watchdog

Related: IoT botnets now available for economical DDoS blasts. This attacker easily located IoT devices that used the manufacturers’ default security setting. He set loose a self-replicating internet worm to gain control of 600,000 household IoT devices. And then deployed this IoT botnet to bombard Krebs on Security – and ended up taking out Dyn as collateral damage.

IoT 206

Assessing IoT Risks in Healthcare Environments

Data Breach Today

Healthcare organizations should steer clear of connecting internet of things devices to their networks unless they serve a precise medical purpose, says attorney Julia Hesse, a featured speaker at the HIMSS19 Conference

IoT 140

FreeRTOS flaws expose millions of IoT devices to cyber attacks

Security Affairs

The researcher Ori Karliner and his team analyzed some of the most popular operating systems in the IoT market, including the FreeRTOS. FreeRTOS is an open-source operating system that runs on most of the small microprocessors and microcontrollers in IoT devices.

IoT 102

Millions of IoT Devices exposed to remote hacks due to iLnkP2P flaws

Security Affairs

Experts discovered security flaws in the iLnkP2P peer-to-peer (P2P) system that exposes millions of IoT devices to remote attacks. The iLnkP2P system allows users to remotely connect to their IoT devices using a mobile phone or a PC. SecurityAffairs – iLnkP2P flaws, IoT).

IoT 90

Yet Another IoT Cybersecurity Document

Schneier on Security

This one is from NIST: " Considerations for Managing Internet of Things (IoT) Cybersecurity and Privacy Risks." It's still in draft. Remember, there are many others. cybersecurity internetofthings nist

Improving IoT Security

Data Breach Today

Organizations in all sectors need to strive to adopt a standardized approach for ensuring that security is built into internet of things devices at the design phase, says Vinod Kumar, CEO and managing director at Bangalore-based Subex, a telecom analytics solutions provider

IoT 109

Podcast: Why Manufacturers Struggle To Secure IoT

Threatpost

Too often, many IoT device manufacturers are opting to leave out costly security features for their small, low power connected devices. . IoT Podcasts DDoS IoT IoT Consumer Device IoT Device IoT security Threatpost podcast

IoT 53

Evolution of threat landscape for IoT devices – H1 2018

Security Affairs

Security experts from Kaspersky have published an interesting report on the new trends in the IoT threat landscape. What is infecting IoT devices and how? The first data that emerged from the study is that threat actors continue to look at the IoT devices with increasing interest.

IoT 90

Augmented Reality, IoT and Enterprise Content Management

OpenText Information Management

Augmented … The post Augmented Reality, IoT and Enterprise Content Management appeared first on OpenText Blogs. Cloud Enterprise Content Management augmented reality Big Data connected factory Extended ECM hololens IoT OpenText™ Extended ECM for Office 365

IoT 76

IoT Security: The Basics

Pwnie Express

This piece is part 1 of our ongoing series on IoT security. Don't forget to download the eBook to understand the IoT security gap and how your business needs to address it, today. IoT Security

eBook 46