New Online Platform Coordinates IoT Bug Reports

Data Breach Today

VulnerableThings.com Seeks to Improve Bug Reporting for Connected Devices A new online platform called VulnerableThings.com is aiming to become the go-to place for reporting and viewing reports on software flaws in IoT devices.

IoT 200

Singapore Expands Consumer IoT Labelling

Data Breach Today

Now Included: IP Cameras, Smart Door Locks, Lights and Printers Singapore is expanding a labelling program that allows buyers to see at a glance the cybersecurity readiness of a consumer IoT device.

IoT 148
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Singapore Launches IoT Cybersecurity Labelling

Data Breach Today

Labels Will Indicate What Security Standards Products Meet Singapore has launched an IoT cybersecurity labelling program intended to improve the baseline security of internet-connected consumer products.

IoT 168

IoT Supply Chains: Where Risks Abound

Data Breach Today

ENISA Releases Guidance on Reducing IoT Supply Chain Risk IoT devices are like sausages: They're full of components of varying quality, and it's invariably disturbing to think about their origins.

IoT 162

US House Passes IoT Cybersecurity Improvement Act

Security Affairs

House of Representatives passed the IoT Cybersecurity Improvement Act, a bill that aims at improving the security of IoT devices. House of Representatives last week passed the IoT Cybersecurity Improvement Act, a bill designed to improve the security of IoT devices.

IoT 107

Federal IoT Guidelines Move Closer to Becoming Law

Data Breach Today

IoT Products Would Have to Meet Minimum Security Requirements for Use by Government Legislation that establishes minimum security standards for IoT devices procured by the federal government is moving closer to becoming law.

IoT 207

Even in Test Mode, New Mirai Variant Infecting IoT Devices

Data Breach Today

Researchers: 'Katana' Features Many Enhancements A greatly enhanced variant of the powerful Mirai botnet is already infecting IoT devices even though it's operating in a test environment, according to researchers at cybersecurity firm Avira Protection Lab

IoT 197

Analysis: Keeping IoT Devices Secure

Data Breach Today

This edition of the ISMG Security Report analyzes whether IoT devices will outlive their security updates. Also featured: Why security spending needs to shift further upstream; could banks be custodians of identity

IoT 133

The IoT Cybersecurity Act of 2020: Implications for Devices

eSecurity Planet

billion Internet of Things (IoT) devices. As more information about IoT device vulnerabilities is published, the pressure on industry and government authorities to enhance security standards might be reaching a tipping point. Implications for IoT devices.

IoT 91

New Charges, Sentencing in Satori IoT Botnet Conspiracy

Krebs on Security

Justice Department today criminally charged a Canadian and a Northern Ireland man for allegedly conspiring to build botnets that enslaved hundreds of thousands of routers and other Internet of Things (IoT) devices for use in large-scale distributed denial-of-service (DDoS) attacks. The government says the defendants built and maintained their IoT botnets by constantly scanning the Web for insecure devices. Some of the IoT botnets enslaved hundreds of thousands of hacked devices.

IoT 169

2019 IoT Security Outlook

Data Breach Today

DigiCert just conducted a global study of how organizations across sectors are approaching IoT security. What are some of the best practices of the organizations that emphasize securing connected devices? Mike Nelson of DigiCert shares the findings

IoT 153

Survey: Security Concerns Slow Down IoT Deployments

Data Breach Today

Preventing Ransomware and Other Malware Attacks Is Top of Mind for Enterprises Worries over ransomware and malware are slowing down enterprise IoT deployments, which is a reflection of the reputational and customer relationship risks at stake, according to a new survey. Here's what enterprises need to keep in mind when selecting security technology for IoT

IoT 153

How IoT Changes Security

Data Breach Today

Steve Rog of ForeScout Technologies on Improving Security Hygiene The growth of IoT means traditional methods of security are inadequate, says Steve Rog of ForeScout Technologies, who calls for improvements in security hygiene

IoT 160

IoT Unravelled Part 3: Security

Troy Hunt

In part 1 of this series, I posited that the IoT landscape is an absolute mess but Home Assistant (HA) does an admirable job of tying it all together. Are these examples actually risks in IoT? IoT firmware should be self-healing. IoT Security

IoT 110

'Heh' Botnet Targets Telnet on IoT Devices

Data Breach Today

Researchers Say Bot Code Could Wipe Disks Clean Security researchers with the Chinese company Qihoo say they've spotted a new IoT botnet that brute forces telnet ports on routers and other devices and is coded with a command to erase infected devices

IoT 140

IoT Cybersecurity Improvement Act Passed, Heads to President’s Desk

Threatpost

Security experts praised the newly approved IoT law as a step in the right direction for insecure connected federal devices.

IoT 95

Researchers: IoT Botnets Could Influence Energy Prices

Data Breach Today

Paper Describes How Connected Devices Could Be Used to Manipulate Markets High-wattage IoT devices and appliances, such as connected refrigerators, air conditioners and heaters, could be turned into massive botnets by malicious actors and used to influence energy prices, according to an academic study released at Black Hat 2020.

IoT 148

Cryptomining Worm Now Targets Web Apps, IoT Devices

Data Breach Today

Researchers: Malware Uses New GitHub Repository, Mines for Monero A previously documented cryptomining worm dubbed Gitpaste-12 has returned with a wide-ranging series of attacks targeting web applications and IoT devices that exploit at least 31 vulnerabilities, according to Juniper Threat Labs

IoT 148

The Role of 'Prosilience' in IoT Security

Data Breach Today

The latest edition of the ISMG Security Report features a discussion of the role of "prosilience" in IoT security, plus the problem of overnotification under GDPR and the notion of "Spartacus as a Service

IoT 191

Hacking IoT & RF Devices with BürtleinaBoard

Security Affairs

How to hack IoT & RF Devices with BürtleinaBoard. Few months ago I have presented #FocacciaBoard : a similar multipurpose breakout board that uses the famous FT232H to handle multiple protocols commonly found in (I)IoT devices (i.e.

IoT 111

Hacked IoT Devices Livestreaming Swatting Attacks: FBI

Adam Levin

The post Hacked IoT Devices Livestreaming Swatting Attacks: FBI appeared first on Adam Levin. Data Security Technology featured hacking IoT swatHackers are using internet-connected home devices to livestream “swatting” attacks, according to the FBI.

IoT 79

An Attacker's IoT Paradise: Billions of Insecure Devices

Data Breach Today

Trend Micro Envisions Maturing IoT Attacker Business Models The speed at which IoT is enabling innovation is far outpacing the ability of the security custodians to implement appropriate controls before these devices hit the market.

IoT 156

Kaiji Botnet Targets Linux Servers, IoT Devices

Data Breach Today

Researchers: Malware Is Capable of Launching DDoS Attacks Kaiji, a newly discovered botnet, is compromising Linux servers and IoT devices using brute-force methods that target the SSH protocol, according to the security firm Intezer. The botnet has the capability to launch DDoS attacks

IoT 149

IBM Finds Flaw in Millions of Thales Wireless IoT Modules

Data Breach Today

Insulin Pumps Could Be Manipulated and Smart Meters Could Be Wrecked, IBM Warns A patching effort has been underway for six months to upgrade Thales wireless communication modules that are embedded in millions of IoT devices, including insulin pumps and smart meters.

IoT 176

P2P Weakness Exposes Millions of IoT Devices

Krebs on Security

iLnkP2p is bundled with millions of Internet of Things (IoT) devices, including security cameras and Webcams, baby monitors, smart doorbells, and digital video recorders. He found that 39 percent of the vulnerable IoT things were in China; another 19 percent are located in Europe; seven percent of them are in use in the United States. If the code stamped on your IoT device begins with one of these, it is vulnerable.

IoT 206

Conti Gang Hits IoT Chipmaker Advantech with $14M Ransom Demand

Threatpost

IoT Malware Web Security $14 million ransom Advantech conti cyberattack Industrial IoT Internet of things ransomwareThe ransomware group has leaked stolen data to add pressure on the company to pay up.

IoT 96

Mozi Botnet is responsible for most of the IoT Traffic

Security Affairs

The Mozi botnet accounted for 90% of the IoT network traffic observed between October 2019 and June 2020, IBM reported. Mozi is an IoT botnet that borrows the code from Mirai variants and the Gafgyt malware , it appeared on the threat landscape in late 2019.

IoT 113

IoT Device Takeovers Surge 100 Percent in 2020

Threatpost

The COVID-19 pandemic, coupled with an explosion in the number of connected devices, have led to a swelling in IoT infections observed on wireless networks.

IoT 103

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Security Affairs

The number of sensors and smart devices connected to the internet is exponentially rising, which are the 5 Major Vulnerabilities for IoT devices. If you take a look at the global market for IoT, you can easily spot the trend. IoT devices are exposed to cybersecurity vulnerabilities.

IoT 99

New TCP/IP Vulnerabilities Expose IoT, OT Systems

eSecurity Planet

Forescout Research Labs last month released a 14-page white paper and a 47-page research report detailing 33 vulnerabilities affecting millions of Internet of Things (IoT), Operational Technology (OT), and IT devices. Also Read: 5 Essential IoT Security Best Practices.

IoT 93

Fixing IoT Leaks with Hardware Security

Data Breach Today

Brian Romansky of Owl Cyber Defense Discusses the Role of Data Diodes Data diodes provide a way to control data flows in IoT devices, says Brian Romansky of Owl Cyber Defense, who describes "unhackable" hardware

IoT 153

Rethinking IoT Security: It's Not About the Devices

Dark Reading

Keeping IoT safe in the future will require securing the networks themselves. Focusing on the devices is a never-ending battle that will only become more burdensome

IoT 95

Enterprise IoT Security Is a Supply Chain Problem

Dark Reading

Organizations that wish to take advantage of the potential benefits of IoT systems in enterprise environments should start evaluating third-party risk during the acquisition process

IoT 104

How Amazon and Walmart Could Fix IoT Security

Data Breach Today

Bruce Schneier Says Pressure on Retailers Could Fix Insecure IoT Supply Chains IoT devices can be made cheaply and quickly. The Atlantic Council is proposing regulations that would require technology retailers to sell devices that meet security standards, which would, in turn, put pressure on IoT component makers But as a result, they may lack adequate security features.

Retail 129

More Than 1,000 IoT Security Guidelines: Which One to Use?

Data Breach Today

Study Suggests Actionable Recommendations Would Improve IoT Security With more than 1,000 IoT security guidelines, recommendations and best practices, which ones should an organization follow? Researchers at Carleton University in Canada say 91 percent of the guides are outcome-based, which are not necessarily easy for manufacturers to follow

IoT 142

IoT Security: 20 Years Behind Enterprise Computing

Data Breach Today

While IoT devices are entering enterprises at a rapid pace, the security practices around them are as much as 20 years behind those for enterprise computing, says Sean Peasley of Deloitte, who outlines steps organizations can take to ensure safe IoT computing

IoT 133

Bluetooth Spoofing Bug Affects Billions of IoT Devices

Threatpost

Critical Infrastructure IoT Mobile Security Vulnerabilities Android apple BLESA Bluetooth Bluetooth Low Energy BlueZ CVE-2020-9770 google ios IoT devices Linux pairing Purdue University Spoofing unpatched

IoT 109

Countering Attacks That Leverage IoT

Data Breach Today

Eddie Doyle of Checkpoint Software on Mitigation Strategies How are cybercrime syndicates launching attacks that leverage IoT devices? Eddie Doyle of Check Point Software Technologies offers insights on the latest attack strategies and how to counter them

IoT 133

IoT Vulnerability Disclosure Platform Launched

Dark Reading

VulnerableThings.com is intended to help vendors meet the terms of a host of new international IoT security laws and regulations

IoT 65

‘Amnesia:33’ TCP/IP Flaws Affect Millions of IoT Devices

Threatpost

A new set of vulnerabilities has been discovered affecting millions of routers and IoT and OT devices from more than 150 vendors, new research warns.

IoT 105