How IoT Changes Security

Data Breach Today

Steve Rog of ForeScout Technologies on Improving Security Hygiene The growth of IoT means traditional methods of security are inadequate, says Steve Rog of ForeScout Technologies, who calls for improvements in security hygiene

IoT 208

Bluetooth Spoofing Bug Affects Billions of IoT Devices

Threatpost

Critical Infrastructure IoT Mobile Security Vulnerabilities Android apple BLESA Bluetooth Bluetooth Low Energy BlueZ CVE-2020-9770 google ios IoT devices Linux pairing Purdue University Spoofing unpatched

IoT 111

Mozi Botnet is responsible for most of the IoT Traffic

Security Affairs

The Mozi botnet accounted for 90% of the IoT network traffic observed between October 2019 and June 2020, IBM reported. Mozi is an IoT botnet that borrows the code from Mirai variants and the Gafgyt malware , it appeared on the threat landscape in late 2019.

IoT 89

Analysis: Keeping IoT Devices Secure

Data Breach Today

This edition of the ISMG Security Report analyzes whether IoT devices will outlive their security updates. Also featured: Why security spending needs to shift further upstream; could banks be custodians of identity

IoT 127

IoT Security Principles

Schneier on Security

They call for: Distinguishing between consumer and industrial IoT. And if you need more security and privacy principles for the IoT, here's a list of over twenty. The BSA -- also known as the Software Alliance, formerly the Business Software Alliance -- is an industry lobbying group.

IoT 94

Survey: Security Concerns Slow Down IoT Deployments

Data Breach Today

Preventing Ransomware and Other Malware Attacks Is Top of Mind for Enterprises Worries over ransomware and malware are slowing down enterprise IoT deployments, which is a reflection of the reputational and customer relationship risks at stake, according to a new survey. Here's what enterprises need to keep in mind when selecting security technology for IoT

IoT 146

IBM Finds Flaw in Millions of Thales Wireless IoT Modules

Data Breach Today

Insulin Pumps Could Be Manipulated and Smart Meters Could Be Wrecked, IBM Warns A patching effort has been underway for six months to upgrade Thales wireless communication modules that are embedded in millions of IoT devices, including insulin pumps and smart meters.

IoT 169

New Charges, Sentencing in Satori IoT Botnet Conspiracy

Krebs on Security

Justice Department today criminally charged a Canadian and a Northern Ireland man for allegedly conspiring to build botnets that enslaved hundreds of thousands of routers and other Internet of Things (IoT) devices for use in large-scale distributed denial-of-service (DDoS) attacks. The government says the defendants built and maintained their IoT botnets by constantly scanning the Web for insecure devices. Some of the IoT botnets enslaved hundreds of thousands of hacked devices.

IoT 139

Mozi Botnet Accounts for Majority of IoT Traffic

Threatpost

Mozi’s spike comes amid a huge increase in overall IoT botnet activity. IoT Malware Vulnerabilities Web Security 90 percent botnet brute force CMDi Command injection dht IBM Internet of things iot traffic Mirai mozi P2P peer to peer Routers Telnet wget

IoT 78

2019 IoT Security Outlook

Data Breach Today

DigiCert just conducted a global study of how organizations across sectors are approaching IoT security. What are some of the best practices of the organizations that emphasize securing connected devices? Mike Nelson of DigiCert shares the findings

IoT 146

New Malware Family Assembles IoT Botnet

Dark Reading

Mozi' combines code from three previously known IoT malware

IoT 96

There is no one-size-fits-all for IoT

OpenText Information Management

I hated to give my response because it was a total non-answer: It depends because there is no one-size-fits-all for IoT. What I could not communicate … The post There is no one-size-fits-all for IoT appeared first on OpenText Blogs.

IoT 55

Kaiji Botnet Targets Linux Servers, IoT Devices

Data Breach Today

Researchers: Malware Is Capable of Launching DDoS Attacks Kaiji, a newly discovered botnet, is compromising Linux servers and IoT devices using brute-force methods that target the SSH protocol, according to the security firm Intezer. The botnet has the capability to launch DDoS attacks

IoT 142

Researchers: IoT Botnets Could Influence Energy Prices

Data Breach Today

Paper Describes How Connected Devices Could Be Used to Manipulate Markets High-wattage IoT devices and appliances, such as connected refrigerators, air conditioners and heaters, could be turned into massive botnets by malicious actors and used to influence energy prices, according to an academic study released at Black Hat 2020

IoT 112

The Role of 'Prosilience' in IoT Security

Data Breach Today

The latest edition of the ISMG Security Report features a discussion of the role of "prosilience" in IoT security, plus the problem of overnotification under GDPR and the notion of "Spartacus as a Service

IoT 190

How Amazon and Walmart Could Fix IoT Security

Data Breach Today

Bruce Schneier Says Pressure on Retailers Could Fix Insecure IoT Supply Chains IoT devices can be made cheaply and quickly. The Atlantic Council is proposing regulations that would require technology retailers to sell devices that meet security standards, which would, in turn, put pressure on IoT component makers But as a result, they may lack adequate security features.

Retail 123

Coming Soon: 'Trust Mark' Certification for IoT Devices

Data Breach Today

Program, Which Could Become Global, Designed to Evaluate Security of Connected Devices An Australian IoT alliance is developing a certification program designed to raise security standards for connected device manufacturers and give consumers more confidence that they're buying secure devices.

IoT 159

Japan's IoT Scanning Project: Insecure Devices Found

Data Breach Today

The results are encouraging, and the country's program could serve as a model for other nations aiming to avoid large-scale IoT security problems But Port Scanning Project Found Small Number of Problematic Devices Japan has been scanning its entire IPv4 address space to find insecure home routers, web cameras and sensors.

IoT 112

An Attacker's IoT Paradise: Billions of Insecure Devices

Data Breach Today

Trend Micro Envisions Maturing IoT Attacker Business Models The speed at which IoT is enabling innovation is far outpacing the ability of the security custodians to implement appropriate controls before these devices hit the market. That creates a classic target-rich environment for the bad guys - one that will require vigorous defense and oversight

IoT 116

Hacking IoT & RF Devices with BürtleinaBoard

Security Affairs

How to hack IoT & RF Devices with BürtleinaBoard. Few months ago I have presented #FocacciaBoard : a similar multipurpose breakout board that uses the famous FT232H to handle multiple protocols commonly found in (I)IoT devices (i.e. At this point, with JTAG & UART pins known, we can use a combination of #FocacciaBoard & #BürtleinaBoard to have full access to the IoT Target. Yet another Multipurpose Breakout Board to hack hardware in a clean and easy way!

IoT 80

Half a Million IoT Passwords Leaked

Schneier on Security

We have a long way to go to secure the IoT. It is amazing that this sort of thing can still happen: the list was compiled by scanning the entire internet for devices that were exposing their Telnet port.

Analyzing IoT Security Best Practices

Schneier on Security

New research: " Best Practices for IoT Security: What Does That Even Mean? " van Oorschot: Abstract: Best practices for Internet of Things (IoT) security have recently attracted considerable attention worldwide from industry and governments, while academic research has highlighted the failure of many IoT product manufacturers to follow accepted practices. We consider categories of best practices, and how they apply over the lifecycle of IoT devices.

IoT 81

Fixing IoT Leaks with Hardware Security

Data Breach Today

Brian Romansky of Owl Cyber Defense Discusses the Role of Data Diodes Data diodes provide a way to control data flows in IoT devices, says Brian Romansky of Owl Cyber Defense, who describes "unhackable" hardware

IoT 147

Smart-Lock Hacks Point to Larger IoT Problems

Dark Reading

Two recent reports on smart-locks vulnerabilities show that IoT vendors have a bigger job to do in ensuring their products are safely deployed and configured

IoT 97

Future-Proofing for IoT Risks

Data Breach Today

Robert Falzon of Check Point Software Technologies outlines IoT risks and how to prepare to mitigate them Check Point's Robert Falzon on Preparing for the Changes to Come The internet of things promises to change how enterprises operate - as well as the cybersecurity risks they will face.

IoT 155

P2P Weakness Exposes Millions of IoT Devices

Krebs on Security

iLnkP2p is bundled with millions of Internet of Things (IoT) devices, including security cameras and Webcams, baby monitors, smart doorbells, and digital video recorders. He found that 39 percent of the vulnerable IoT things were in China; another 19 percent are located in Europe; seven percent of them are in use in the United States. If the code stamped on your IoT device begins with one of these, it is vulnerable.

IoT 183

IoT Security: 20 Years Behind Enterprise Computing

Data Breach Today

While IoT devices are entering enterprises at a rapid pace, the security practices around them are as much as 20 years behind those for enterprise computing, says Sean Peasley of Deloitte, who outlines steps organizations can take to ensure safe IoT computing

IoT 127

More Than Half of IoT Devices Vulnerable to Severe Attacks

Threatpost

A full 98 percent of all IoT device traffic is unencrypted, exposing personal and confidential data on the network. IoT Malware Podcasts botnet Conficker Worm Connected Device Cybersecurity DDoS Encryption IoT Device IoT security may wang medical iot Palo Alto Networks Ryan Olson top threats Unit 42

IoT 83

Researchers Warn of Flaw Affecting Millions of IoT Devices

Threatpost

A patch has been issued for the flaw in a widely-used module, and researchers are urging IoT manufacturers to update their devices ASAP.

IoT 95

Countering Attacks That Leverage IoT

Data Breach Today

Eddie Doyle of Checkpoint Software on Mitigation Strategies How are cybercrime syndicates launching attacks that leverage IoT devices? Eddie Doyle of Check Point Software Technologies offers insights on the latest attack strategies and how to counter them

IoT 127

IoT in Petro-Chem

RFID Global Solution, Inc.

The Chemical and Petroleum industries provide challenging environments for the design and implementation of IoT solutions. A solution suitable for the petrochem industry differs from solutions for other industrial sectors due to hazardous locations requiring specially designed and … IoT in Petro-Chem Read More ». The post IoT in Petro-Chem appeared first on RFID Global Solution. Blog IoT IoT oil and gas

IoT 40

Securing IoT: Is It Feasible?

Data Breach Today

consumers now own about 870 million IoT devices. In an interview, Al Pascual of Javelin Strategy & Research, discusses the challenges involved in securing the exploding IoT landscape

IoT 100

NIST Issues IoT Risk Guidelines

Dark Reading

A new report offers the first step toward understanding and managing IoT cybersecurity risks

IoT 82

7 Steps to IoT Security in 2020

Dark Reading

There are important steps security teams should take to be ready for the evolving security threats to the IoT in 2020

IoT 97

Mandatory IoT Security in the Offing with U.K. Proposal

Threatpost

Government IoT default password Device security Internet of things iot legislation iot manufacturers IoT security Password regulation Security Updates tech law Uk gov law uk lawThe new U.K.

IoT 79

Managing IoT Risks: Reinventing Security

Data Breach Today

Security needs to be reinvented for the internet of things, and start-up companies can play a critical role, says Robin Saxby, the former CEO and founder of Arm Holdings, a U.K.-based based semiconductor company, who now invests in start-up firms

IoT 142

Insight Partners' Latest Purchase: IoT Security Firm Armis

Data Breach Today

Private Equity Firm Expects to Close Deal in February Private equity firm Insight Partners plans to acquire yet another security company: This time it's IoT security startup Armis.

IoT 139

The Pulse of ITAD: NIST Issues Important Guidance for IoT

InfoGoTo

IOT device manufacturers have a multipart problem when designing security processes and procedures for their devices. You can read more about this story here: The Pulse of ITAD IOT Pulse of ITAD SITAD

IoT 52

New IoT Security Regulations

Schneier on Security

While the US government is largely absent in this area of consumer protection, the state of California has recently stepped in and started regulating the Internet of Things, or "IoT" devices sold in the state­and the effects will soon be felt worldwide.

IoT 111

Cataloging IoT Vulnerabilities

Schneier on Security

Recent articles about IoT vulnerabilities describe hacking of construction cranes , supermarket freezers , and electric scooters. hacking internetofthings vulnerabilities

IoT 74