Security News
IoT devices have become integral to how many organizations operate. From Smart TVs in conference rooms to connected sensors and wireless security cameras, these connected devices are now a fixture...
A critical security flaw has been disclosed in the Microchip Advanced Software Framework (ASF) that, if successfully exploited, could lead to remote code execution. The vulnerability, tracked as...
Cybersecurity researchers have uncovered a never-before-seen botnet comprising an army of small office/home office (SOHO) and IoT devices that are likely operated by a Chinese nation-state threat...
The study uncovered that OT and IoT cellular routers and those used in small offices and homes contain outdated software components associated with known vulnerabilities. The research showed that widely used OT/IoT router firmware images have, on average, 20 exploitable n-day vulnerabilities affecting the kernel, leading to increasing security risks.
The explosion of Internet of Things devices has brought about a wide range of security and privacy challenges, according to Bitdefender and NETGEAR. The report is based on global telemetry of 3.8 million homes and 50 million IoT devices that generated 9.1 billion security events over the course of 12 months. Vulnerabilities in IoT frameworks, like those found in the ThroughTek Kalay platform, expose millions of users to potential privacy breaches.
Security flaws in Telit Cinterion cellular modems, widely used in sectors including industrial, healthcare, and telecommunications, could allow remote attackers to execute arbitrary code via SMS. A set of eight separate issues, seven of them with identifiers CVE-2023-47610 through CVE-2023-47616 and another that has yet to be registered, were disclosed last November by security researchers at Kaspersky's ICS CERT division. On Saturday, at the OffensiveCon conference in Berlin, Alexander Kozlov and Sergey Anufrienko will be providing low level technical details about the security issues and how a threat actor could exploit them to take control of vulnerable Telit Cinterion devices.
Cybersecurity is a relatively new challenge for many IoT device makers who have traditionally produced non-connected devices. IoT devices are built on a foundation of insecure software-a large portion of the open-source software and the chips used to build devices are poorly secured.
With help from Steve Statler, the chief marketing officer at IoT technology provider Wiliot, TechRepublic has identified the top four trends emerging in IoT that U.K. businesses should be aware of: the Product Security and Telecommunications Infrastructure Act, narrowband IoT, AI-augmented IoT and new memory technologies. The following year, the IoT Cybersecurity Improvement Act, which came into force in the U.S., prohibits agencies from using IoT devices that don't comply with standards set by the National Institute of Standards and Technology.
The Product Security and Telecommunications Infrastructure Act has come into effect today, requiring manufacturers of consumer-grade IoT products sold in the UK to stop using guessable default passwords and have a vulnerability disclosure policy. "Most smart devices are manufactured outside the UK, but the PSTI act also applies to all organisations importing or retailing products for the UK market. Failure to comply with the act is a criminal offence, with fines up to £10 million or 4% of qualifying worldwide revenue," Carla V, National Cyber Security Centre's Citizen Resilience Officer, pointed out.