Security News

The IoT Cybersecurity Improvement Act of 2020 requires the National Institute of Standards and Technology to develop and publish standards and guidelines on addressing issues related to the development, management, configuring, and patching of IoT devices. The law demands the Office of Management and Budget to issue recommendations based on the NIST guidelines for federal agencies, which are required to ensure that all IoT devices within their environments fully comply with these standards and guidelines.

The name "Amnesia:33" refers to the fact that most of the flaws stem from memory corruption - coupled with the fact that there are 33 flaws. While researchers did not specify which vendors and specific devices were affected by the set of vulnerabilities, they said at least 150 vendors were affected.

Kigen has enabled 2 billion SIMs in IoT devices and has new state-of-the-art eSIM and integrated SIM deployments with leading chipset providers, module vendors and network operators. As an independent but wholly-owned subsidiary of Arm, Kigen will focus on addressing device-maker demand for greater choice in affordable security for trusted IoT devices.

Advantech, the chip manufacturer, has confirmed that it received a ransom note from a Conti ransomware operation on Nov. 26 demanding 750 Bitcoin, which translates into about $14 million, to decrypt compromised files and delete the data they stole. Professionalized ransomware groups including Conti, Ragnar Locker, Maze, Clop and others have been exploiting security holes created by the emergency shift to remote work due to the pandemic, coupled with well-publicized leak sites to wreak havoc and wring millions out of unsuspecting companies like Advantech.

Industrial automation and Industrial IoT chip maker Advantech confirmed a ransomware attack that hit its network and led to the theft of confidential, albeit low-value, company documents. The Conti operators behind the attack on Advantech's network have set a ransom of 750 BTC for full data decryption and for removing stolen data from their servers according to a chat log seen by BleepingComputer.

With up to 75 percent of remote device management projects deemed "Not successful," in 2020, IoT deployment has been limited in realizing its full potential. A new wave of affordable silicon that provides a wide array of features and functionality, in conjunction with the maturation of pre-packed software, will lead to a substantial increase in IoT project success in the upcoming year, predict experts at Sequitur Labs.

MIT researchers have developed a system that could bring deep learning neural networks to new - and much smaller - places, like the tiny computer chips in wearable medical devices, household appliances, and the 250 billion other objects that constitute the IoT. The system, called MCUNet, designs compact neural networks that deliver unprecedented speed and accuracy for deep learning on IoT devices, despite limited memory and processing power. IoT devices often run on microcontrollers - simple computer chips with no operating system, minimal processing power, and less than one thousandth of the memory of a typical smartphone.

CyberArk announced it is working with Forescout and Phosphorus to enable organizations to secure the increasing number of IoT devices and technologies resulting from digital business transformation. Customers can significantly reduce risk using the joint integration to continuously discover, secure and manage IoT devices connected to corporate networks.

Security stalwarts praised the bill's alignment with existing standards and best practices, as well as its meaning for IoT devices - which have long been plagued by security and privacy issues. The IoT Cybersecurity Improvement Act has several different parts.

The IoT Cybersecurity Improvement Act, a bill that aims to improve the security of Internet of Things devices, passed the Senate on Tuesday and is heading to the White House for the president's signature. Sen. Gardner commented, "I applaud the Senate for passing our bipartisan and bicameral legislation to ensure the federal government leads by example and purchases devices that meet basic requirements to prevent hackers from accessing government systems."