Security News

On IoT Devices and Software Liability
2024-01-12 12:03

Abstract: Smart devices are used to facilitate cyberattacks against both their users and third parties. While users are generally able to seek redress following a cyberattack via data protection legislation, there is no equivalent pathway available to third-party victims who suffer harm at the hands of a cyberattacker.

BlackBerry squashes plan to spin out its IoT biz
2023-12-12 08:23

BlackBerry has decided its plan to split into two separate companies is not a good idea and will instead reorganize itself into two independent divisions. The former smartphone champ has two businesses: cyber security and IoT. Neither has thrived in recent years so, in pursuit of greater shareholder value, the Canadian biz conducted a review it called Project Imperium.

21 high-risk vulnerabilities in OT/IoT routers found
2023-12-06 09:40

Forescout detailed the discovery of 21 new vulnerabilities in OT/IoT routers and open-source software elements. The "SIERRA:21 - Living on the Edge" report features research into Sierra Wireless AirLink cellular routers and some open-source components, such as TinyXML and OpenNDS. Sierra Wireless routers are popular - an open database of Wi-Fi networks shows 245,000 networks worldwide running Sierra Wireless for various applications.

New P2PInfect Botnet MIPS Variant Targeting Routers and IoT Devices
2023-12-04 11:03

Cybersecurity researchers have discovered a new variant of an emerging botnet called P2PInfect that's capable of targeting routers and IoT devices. The latest version, per Cado Security Labs, is...

Mysterious Kill Switch Disrupts Mozi IoT Botnet Operations
2023-11-02 13:45

The unexpected drop in malicious activity connected with the Mozi botnet in August 2023 was due to a kill switch that was distributed to the bots. "First, the drop manifested in India on August...

IoT’s convenience comes with cybersecurity challenges
2023-10-30 04:00

The rapid proliferation of Internet of Things devices has ushered in a new era of connectivity and convenience, transforming the way we live and work. This interconnectivity has also given rise to a host of cybersecurity challenges and vulnerabilities.

IoT security threats highlight the need for zero trust principles
2023-10-27 04:30

ThreatLabz focused on understanding IoT device activity and attributes via device fingerprinting and analyzing the IoT malware threat landscape. By adopting a zero trust architecture, organizations can gain visibility into IoT device traffic and minimize IoT security risks.

What is operational risk and why should you care? Assessing SEC rule readiness for OT and IoT
2023-10-25 04:30

Of particular concern is whether public companies who own and operate industrial control systems and connected IoT infrastructure are prepared to fully define operational risk, and therefore are equipped to fully disclose material business risk from cyber incidents. Operational risk in OT and IoT. Cybersecurity incidents continue to disrupt production, with companies like Clorox reporting product shortages a month after disclosure.

Inadequate IoT protection can be a costly mistake
2023-10-16 03:30

"Organizations worldwide are under mounting pressure to ensure their IoT and connected devices are protected while navigating an increasingly complex digital landscape that requires complete trust," said Ellen Boehm, SVP, IoT Strategies and Operations at Keyfactor. "The results of this survey demonstrate the importance of identity-first security for those who manufacture IoT devices and those who deploy and operate them in their environment to establish digital trust at scale. Most organizations implement PKI solutions in their IoT security strategy, which is a huge step in the right direction. However, it's clear that with 97% of organizations facing IoT security challenges, security teams are struggling to leverage their tools efficiently. Ensuring that IoT device security is managed throughout its lifecycle will go a long way in both eliminating costly certificate outages and enhancing the long-term viability of IoT within the enterprise," added Boehm.

High-Severity Flaws in ConnectedIO's 3G/4G Routers Raise Concerns for IoT Security
2023-10-09 10:49

Multiple high-severity security vulnerabilities have been disclosed in ConnectedIO's ER2000 edge routers and the cloud-based management platform that could be exploited by malicious actors to...