Security News

TechRepublic's Karen Roby spoke with Lorrie Cranor, director and Bosch Distinguished Professor in security and privacy technologies of CyLab and the FORE Systems Professor of Computer Science and of Engineering and Public Policy at Carnegie Mellon University, about security in Internet of Things devices for Cybersecurity Awareness Month. Lorrie Cranor: One of the things we've observed is that there are a lot of concerns about the security and privacy of IoT devices.

When buying Internet of Things devices, consumers should understand the risks to their privacy. Here's one way to advise them.

Google and Intel are warning of a high-severity flaw in BlueZ, the Linux Bluetooth protocol stack that provides support for core Bluetooth layers and protocols to Linux-based internet of things devices. According to Google, the vulnerability affects users of Linux kernel versions before 5.9 that support BlueZ. BlueZ, which is an open-source project distributed under GNU General Public License, features the BlueZ kernel that has been part of the official Linux kernel since version 2.4.6.

At the Virus Bulletin Conference last week, two security researchers explained how they were able to compromise the command and control panels of 10 Internet of Things botnets. The researchers, Aditya K. Sood and Rohit Bansal of SecNiche Security Labs, revealed at the online conference that they were able to access the C&C panels of the Mana, Vivid, Kawaii, Verizon, Goon, 911-Net, Purge Net, Direct, 0xSec, and Dark botnets.

According to new data released by Cybersecurity Insiders, 72% of organizations experienced an increase in endpoint and IoT security incidents in the last year, while 56% anticipate their organization will likely be compromised due to an endpoint or IoT-originated attack with the next 12 months. The research found that 41% will implement or advance on-premise device security enforcement, 35% will advance their remote access devices posture checking, and 22% will advance their IoT device identification and monitoring capabilities.

Cybersecurity researchers have taken the wraps off a new botnet hijacking Internet-connected smart devices in the wild to perform nefarious tasks, mostly DDoS attacks, and illicit cryptocurrency coin mining. The researchers said the HEH botnet samples discovered so far support a wide variety of CPU architectures, including x86(32/64), ARM(32/64), MIPS(MIPS32/MIPS-III), and PowerPC. The botnet, despite being in its early stages of development, comes with three functional modules: a propagation module, a local HTTP service module, and a P2P module.

The report features responses from 1,639 businesses globally, exploring how they are using IoT and how IoT is helping them be ready for the future. As a result, 84% of adopters now view the integration of IoT devices with workers as a higher priority and 73% of businesses considering IoT agree the pandemic will accelerate their adoption plans.

Twilio announced a major expansion of the company's IoT offerings with the launch of Microvisor, an IoT connectivity and device management platform that offers embedded developers a one stop shop for building connected devices, keeping them secure, and managing them through their lifetime. Twilio aims to significantly accelerate IoT adoption by providing as much critical but common infrastructure as possible, so that IoT teams can focus on delivering unique value to businesses and consumers.

Amazon Timestream addresses these challenges by giving customers a purpose-built, serverless time series database for collecting, storing, and processing time series data. Amazon Timestream integrates with popular data collection, visualization, and machine learning tools that customers use today, including services like AWS IoT Core, Amazon Kinesis and Amazon MSK, Amazon QuickSight, and Amazon SageMaker, as well as open source, third-party tools like Grafana and Telegraf.

The 11th Gen Intel Core processors, Intel Atom x6000E series, and Intel Pentium and Celeron N and J series bring new artificial intelligence, security, functional safety and real-time capabilities to edge customers. "By 2023, up to 70% of all enterprises will process data at the edge. 11th Gen Intel Core processors, Intel Atom x6000E series, and Intel Pentium and Celeron N and J series processors represent our most significant step forward yet in enhancements for IoT, bringing features that address our customers' current needs, while setting the foundation for capabilities with advancements in AI and 5G," said John Healy, Intel vice president of the Internet of Things Group and general manager of Platform Management and Customer Engineering.