New Online Platform Coordinates IoT Bug Reports

Data Breach Today

VulnerableThings.com Seeks to Improve Bug Reporting for Connected Devices A new online platform called VulnerableThings.com is aiming to become the go-to place for reporting and viewing reports on software flaws in IoT devices.

IoT 198

IoT Supply Chains: Where Risks Abound

Data Breach Today

ENISA Releases Guidance on Reducing IoT Supply Chain Risk IoT devices are like sausages: They're full of components of varying quality, and it's invariably disturbing to think about their origins.

IoT 160

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Singapore Launches IoT Cybersecurity Labelling

Data Breach Today

Labels Will Indicate What Security Standards Products Meet Singapore has launched an IoT cybersecurity labelling program intended to improve the baseline security of internet-connected consumer products.

IoT 166

The IoT Application Checklist

RFID Global Solution, Inc.

It was Kevin Ashton, co-founder of MIT’s Auto-ID Center, who first used … The IoT Application Checklist Read More ». The post The IoT Application Checklist appeared first on RFID Global Solution. Blog IoT iot applications iot platform

IoT 52

IoT Unravelled Part 3: Security

Troy Hunt

In part 1 of this series, I posited that the IoT landscape is an absolute mess but Home Assistant (HA) does an admirable job of tying it all together. Are these examples actually risks in IoT? IoT firmware should be self-healing. IoT Security

IoT 87

IoT Cybersecurity Improvement Act Passed, Heads to President’s Desk

Threatpost

Security experts praised the newly approved IoT law as a step in the right direction for insecure connected federal devices.

IoT 95

Even in Test Mode, New Mirai Variant Infecting IoT Devices

Data Breach Today

Researchers: 'Katana' Features Many Enhancements A greatly enhanced variant of the powerful Mirai botnet is already infecting IoT devices even though it's operating in a test environment, according to researchers at cybersecurity firm Avira Protection Lab

IoT 195

US House Passes IoT Cybersecurity Improvement Act

Security Affairs

House of Representatives passed the IoT Cybersecurity Improvement Act, a bill that aims at improving the security of IoT devices. House of Representatives last week passed the IoT Cybersecurity Improvement Act, a bill designed to improve the security of IoT devices.

IoT 105

Analysis: Keeping IoT Devices Secure

Data Breach Today

This edition of the ISMG Security Report analyzes whether IoT devices will outlive their security updates. Also featured: Why security spending needs to shift further upstream; could banks be custodians of identity

IoT 131

'Heh' Botnet Targets Telnet on IoT Devices

Data Breach Today

Researchers Say Bot Code Could Wipe Disks Clean Security researchers with the Chinese company Qihoo say they've spotted a new IoT botnet that brute forces telnet ports on routers and other devices and is coded with a command to erase infected devices

IoT 138

Survey: Security Concerns Slow Down IoT Deployments

Data Breach Today

Preventing Ransomware and Other Malware Attacks Is Top of Mind for Enterprises Worries over ransomware and malware are slowing down enterprise IoT deployments, which is a reflection of the reputational and customer relationship risks at stake, according to a new survey. Here's what enterprises need to keep in mind when selecting security technology for IoT

IoT 151

IoT Device Takeovers Surge 100 Percent in 2020

Threatpost

The COVID-19 pandemic, coupled with an explosion in the number of connected devices, have led to a swelling in IoT infections observed on wireless networks.

IoT 106

Botnet Attackers Turn to Vulnerable IoT Devices

Threatpost

Podcasts Web Security botnet DDoS Distributed Denial of Service edge computing Fortinet Internet of things IoT TrickBotCybercriminals are leveraging the multitudes of vulnerable connected devices with botnets that launch dangerous distributed denial-of-service (DDoS) attacks.

IoT 94

2019 IoT Security Outlook

Data Breach Today

DigiCert just conducted a global study of how organizations across sectors are approaching IoT security. What are some of the best practices of the organizations that emphasize securing connected devices? Mike Nelson of DigiCert shares the findings

IoT 151

Researchers: IoT Botnets Could Influence Energy Prices

Data Breach Today

Paper Describes How Connected Devices Could Be Used to Manipulate Markets High-wattage IoT devices and appliances, such as connected refrigerators, air conditioners and heaters, could be turned into massive botnets by malicious actors and used to influence energy prices, according to an academic study released at Black Hat 2020.

IoT 147

New Charges, Sentencing in Satori IoT Botnet Conspiracy

Krebs on Security

Justice Department today criminally charged a Canadian and a Northern Ireland man for allegedly conspiring to build botnets that enslaved hundreds of thousands of routers and other Internet of Things (IoT) devices for use in large-scale distributed denial-of-service (DDoS) attacks. The government says the defendants built and maintained their IoT botnets by constantly scanning the Web for insecure devices. Some of the IoT botnets enslaved hundreds of thousands of hacked devices.

IoT 147

How IoT Changes Security

Data Breach Today

Steve Rog of ForeScout Technologies on Improving Security Hygiene The growth of IoT means traditional methods of security are inadequate, says Steve Rog of ForeScout Technologies, who calls for improvements in security hygiene

IoT 160

Mozi Botnet is responsible for most of the IoT Traffic

Security Affairs

The Mozi botnet accounted for 90% of the IoT network traffic observed between October 2019 and June 2020, IBM reported. Mozi is an IoT botnet that borrows the code from Mirai variants and the Gafgyt malware , it appeared on the threat landscape in late 2019.

IoT 113

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Security Affairs

The number of sensors and smart devices connected to the internet is exponentially rising, which are the 5 Major Vulnerabilities for IoT devices. If you take a look at the global market for IoT, you can easily spot the trend. IoT devices are exposed to cybersecurity vulnerabilities.

IoT 97

MY TAKE: Why companies and consumers must collaborate to stop the plundering of IoT systems

The Last Watchdog

The Internet of Things (IoT) has come a long, long way since precocious students at Carnegie Melon University installed micro-switches inside of a Coca-Cola vending machine so they could remotely check on the temperature and availability of their favorite beverages.

IoT 167

Hacking IoT & RF Devices with BürtleinaBoard

Security Affairs

How to hack IoT & RF Devices with BürtleinaBoard. Few months ago I have presented #FocacciaBoard : a similar multipurpose breakout board that uses the famous FT232H to handle multiple protocols commonly found in (I)IoT devices (i.e.

IoT 110

IoT Vulnerability Disclosure Platform Launched

Dark Reading

VulnerableThings.com is intended to help vendors meet the terms of a host of new international IoT security laws and regulations

IoT 67

IBM Finds Flaw in Millions of Thales Wireless IoT Modules

Data Breach Today

Insulin Pumps Could Be Manipulated and Smart Meters Could Be Wrecked, IBM Warns A patching effort has been underway for six months to upgrade Thales wireless communication modules that are embedded in millions of IoT devices, including insulin pumps and smart meters.

IoT 174

DARPA and Academia Jumpstart 5G IoT Security Efforts

Dark Reading

With 5G IoT devices projected to hit 49 million units by 2023, researchers launch programs to keep IoT from becoming a blackhole of exfiltration

IoT 80

An Attacker's IoT Paradise: Billions of Insecure Devices

Data Breach Today

Trend Micro Envisions Maturing IoT Attacker Business Models The speed at which IoT is enabling innovation is far outpacing the ability of the security custodians to implement appropriate controls before these devices hit the market.

IoT 154

Bluetooth Spoofing Bug Affects Billions of IoT Devices

Threatpost

Critical Infrastructure IoT Mobile Security Vulnerabilities Android apple BLESA Bluetooth Bluetooth Low Energy BlueZ CVE-2020-9770 google ios IoT devices Linux pairing Purdue University Spoofing unpatched

IoT 112

Kaiji Botnet Targets Linux Servers, IoT Devices

Data Breach Today

Researchers: Malware Is Capable of Launching DDoS Attacks Kaiji, a newly discovered botnet, is compromising Linux servers and IoT devices using brute-force methods that target the SSH protocol, according to the security firm Intezer. The botnet has the capability to launch DDoS attacks

IoT 147

The Role of 'Prosilience' in IoT Security

Data Breach Today

The latest edition of the ISMG Security Report features a discussion of the role of "prosilience" in IoT security, plus the problem of overnotification under GDPR and the notion of "Spartacus as a Service

IoT 191

IoT Security Principles

Schneier on Security

They call for: Distinguishing between consumer and industrial IoT. And if you need more security and privacy principles for the IoT, here's a list of over twenty. The BSA -- also known as the Software Alliance, formerly the Business Software Alliance -- is an industry lobbying group. They just published "Policy Principles for Building a Secure and Trustworthy Internet of Things.". Offering incentives for integrating security. Harmonizing national and international policies.

IoT 77

More Than 1,000 IoT Security Guidelines: Which One to Use?

Data Breach Today

Study Suggests Actionable Recommendations Would Improve IoT Security With more than 1,000 IoT security guidelines, recommendations and best practices, which ones should an organization follow? Researchers at Carleton University in Canada say 91 percent of the guides are outcome-based, which are not necessarily easy for manufacturers to follow

IoT 141

How Amazon and Walmart Could Fix IoT Security

Data Breach Today

Bruce Schneier Says Pressure on Retailers Could Fix Insecure IoT Supply Chains IoT devices can be made cheaply and quickly. The Atlantic Council is proposing regulations that would require technology retailers to sell devices that meet security standards, which would, in turn, put pressure on IoT component makers But as a result, they may lack adequate security features.

Retail 128

Mozi Botnet Accounts for Majority of IoT Traffic

Threatpost

Mozi’s spike comes amid a huge increase in overall IoT botnet activity. IoT Malware Vulnerabilities Web Security 90 percent botnet brute force CMDi Command injection dht IBM Internet of things iot traffic Mirai mozi P2P peer to peer Routers Telnet wget

IoT 89

Fixing IoT Leaks with Hardware Security

Data Breach Today

Brian Romansky of Owl Cyber Defense Discusses the Role of Data Diodes Data diodes provide a way to control data flows in IoT devices, says Brian Romansky of Owl Cyber Defense, who describes "unhackable" hardware

IoT 152

P2P Weakness Exposes Millions of IoT Devices

Krebs on Security

iLnkP2p is bundled with millions of Internet of Things (IoT) devices, including security cameras and Webcams, baby monitors, smart doorbells, and digital video recorders. He found that 39 percent of the vulnerable IoT things were in China; another 19 percent are located in Europe; seven percent of them are in use in the United States. If the code stamped on your IoT device begins with one of these, it is vulnerable.

IoT 191

Coming Soon: 'Trust Mark' Certification for IoT Devices

Data Breach Today

Program, Which Could Become Global, Designed to Evaluate Security of Connected Devices An Australian IoT alliance is developing a certification program designed to raise security standards for connected device manufacturers and give consumers more confidence that they're buying secure devices.

IoT 161

Azure Sphere IoT Bug Hunt Yields $374,000 in Bounties

Data Breach Today

Three-Month Competition Designed to Sniff Out Problems Microsoft's IoT platform, Azure Sphere, which launched in February, is the company's bet to address the growing security and management problems around connected devices. A three-month bug bounty program for the platform resulted in resolving a number of vulnerabilities and awarding $374,000 in bounties

IoT 123

IoT Security: 20 Years Behind Enterprise Computing

Data Breach Today

While IoT devices are entering enterprises at a rapid pace, the security practices around them are as much as 20 years behind those for enterprise computing, says Sean Peasley of Deloitte, who outlines steps organizations can take to ensure safe IoT computing

IoT 131

Japan's IoT Scanning Project: Insecure Devices Found

Data Breach Today

The results are encouraging, and the country's program could serve as a model for other nations aiming to avoid large-scale IoT security problems But Port Scanning Project Found Small Number of Problematic Devices Japan has been scanning its entire IPv4 address space to find insecure home routers, web cameras and sensors.

IoT 113

Analyzing IoT Security Best Practices

Schneier on Security

New research: " Best Practices for IoT Security: What Does That Even Mean? " van Oorschot: Abstract: Best practices for Internet of Things (IoT) security have recently attracted considerable attention worldwide from industry and governments, while academic research has highlighted the failure of many IoT product manufacturers to follow accepted practices. We consider categories of best practices, and how they apply over the lifecycle of IoT devices.

IoT 85

There is no one-size-fits-all for IoT

OpenText Information Management

I hated to give my response because it was a total non-answer: It depends because there is no one-size-fits-all for IoT. What I could not communicate … The post There is no one-size-fits-all for IoT appeared first on OpenText Blogs.

IoT 55