Security News

A three-year-long honeypot experiment featuring simulated low-interaction IoT devices of various types and locations gives a clear idea of why actors target specific devices. IoT devices are a booming market that includes small internet-connected devices such as cameras, lights, doorbells, smart TVs, motion sensors, speakers, thermostats, and many more.

DUCK. That's worrying, because when I checked my Tor browser version, it didn't have the latest NSS, but it had a more recent one than 1999, so that timestamp may be wrong. DUCK. Yes, of all the browsers that you probably want to avoid having [LAUGHS] exploitable privacy violating holes in.

The UK legislature is currently interested in a law about what it calls PSTI, short for Product Security and Telecommunications Infrastructure. It's a much more modest regulatory proposal, and unlike those proposals that aim to disrupt security and cryptography "Just in case we ever lock the keys in the car", its goal is to demand a modest increase in security and basic cyber-reliability in products such as mobile phones, fitness trackers, internet webcams, cloud doorbells, and temperature sensors for your pet fish.

A new British IoT product security law is racing through the House of Commons, with the government boasting it will outlaw default admin passwords and more. The Product Security and Telecommunications Infrastructure Bill was introduced yesterday and is intended to drive up security standards in consumer tech gadgetry, ranging from IoT devices to phones, fondleslabs, smart TVs, and so on.

Multiple security weaknesses have been disclosed in MediaTek system-on-chips that could have enabled a threat actor to elevate privileges and execute arbitrary code in the firmware of the audio processor, effectively allowing the attackers to carry out a "Massive eavesdrop campaign" without the users' knowledge. The discovery of the flaws is the result of reverse-engineering the Taiwanese company's audio digital signal processor unit by Israeli cybersecurity firm Check Point Research, ultimately finding that by stringing them together with other flaws present in a smartphone manufacturer's libraries, the issues uncovered in the chip could lead to local privilege escalation from an Android application.

As the automotive industry rapidly evolves and cars become smarter, cybercriminals are becoming more sophisticated too, constantly finding new ways to compromise connected vehicles. To select a suitable automotive IoT security solution, you need to think about a variety of factors.

The overall security in IoT market will reach $52.3 billion globally by 2026, while distributed denial of service protection for IoT systems will reach $1.58 globally by 2026, a ResearchAndMarkets report reveals. Other report findings Driven largely by commercial retrofits, IoT security in smart buildings will reach $4.55 globally by 2026.

The state of the big data in IoT market The overall global market for big data in IoT will reach $50.9 billion by 2026. Data analytics is the largest segment by product and service in the big data IoT market.

Newly surfaced malware that is difficult to detect and written in Google's open-source programming language has the potential to exploit millions of routers and IoT devices, researchers have found. This feature may be the reason why it's caught on with malware developers in the last few years, since it also makes it easier for attackers to spread malware on multiple operating systems, Caspi wrote.

The new BotenaGo malware botnet has been discovered using over thirty exploits to attack millions of routers and IoT devices. CVE-2020-8958: Guangzhou 1GE ONU. Researchers at AT&T who analyzed the new botnet found that it targets millions of devices with functions that exploit the above flaws.