Security News

As part of the partnership, ASUS is equipping its ASUS PE200U edge computer with Innodisk's next-generation flash storage, the out-of-band management-enabled Innodisk InnoAGE SSD. This solution allows customers to roll out more reliable and secure edge devices and IoT infrastructure than ever before. The Innodisk InnoAGE's unique out-of-band signaling technology combined with ASUS IoT Cloud Console address this challenge by allowing device operators to effortlessly manage their IoT devices remotely.

An online platform designed to help IoT vendors receive, assess, manage and mitigate vulnerability reports has been launched by the IoT Security Foundation. VulnerableThings.com aims to simplify the reporting and management of vulnerabilities whilst helping IoT vendors comply with new consumer IoT security standards and regulations.

Azure Defender for IoT - Microsoft's new security solution for discovering unmanaged IoT/OT assets and IoT/OT vulnerabilities - is now in public preview and can be put to the test free of charge. About Azure Defender for IoT. "As industrial and critical infrastructure organizations implement digital transformation, the number of networked IoT and Operational Technology devices has greatly proliferated. Many of these devices lack visibility by IT teams and are often unpatched and misconfigured, making them soft targets for adversaries looking to pivot deeper into corporate networks," Phil Neray, Director of Azure IoT Security Strategy at Microsoft, explained.

Microsoft announced today that Azure Defender for IoT, its agentless security solution for networked IoT and Operational Technology devices, has entered public preview. Azure Defender for IoT is an IoT/OT device threat protection solution that integrates with Microsoft's Azure Sentinel and third-party solutions to provide continuous threat monitoring and vulnerability management.

TechRepublic's Karen Roby spoke with Lorrie Cranor, director and Bosch Distinguished Professor in security and privacy technologies of CyLab and the FORE Systems Professor of Computer Science and of Engineering and Public Policy at Carnegie Mellon University, about security in Internet of Things devices for Cybersecurity Awareness Month. Lorrie Cranor: One of the things we've observed is that there are a lot of concerns about the security and privacy of IoT devices.

When buying Internet of Things devices, consumers should understand the risks to their privacy. Here's one way to advise them.

Google and Intel are warning of a high-severity flaw in BlueZ, the Linux Bluetooth protocol stack that provides support for core Bluetooth layers and protocols to Linux-based internet of things devices. According to Google, the vulnerability affects users of Linux kernel versions before 5.9 that support BlueZ. BlueZ, which is an open-source project distributed under GNU General Public License, features the BlueZ kernel that has been part of the official Linux kernel since version 2.4.6.

At the Virus Bulletin Conference last week, two security researchers explained how they were able to compromise the command and control panels of 10 Internet of Things botnets. The researchers, Aditya K. Sood and Rohit Bansal of SecNiche Security Labs, revealed at the online conference that they were able to access the C&C panels of the Mana, Vivid, Kawaii, Verizon, Goon, 911-Net, Purge Net, Direct, 0xSec, and Dark botnets.

According to new data released by Cybersecurity Insiders, 72% of organizations experienced an increase in endpoint and IoT security incidents in the last year, while 56% anticipate their organization will likely be compromised due to an endpoint or IoT-originated attack with the next 12 months. The research found that 41% will implement or advance on-premise device security enforcement, 35% will advance their remote access devices posture checking, and 22% will advance their IoT device identification and monitoring capabilities.

Cybersecurity researchers have taken the wraps off a new botnet hijacking Internet-connected smart devices in the wild to perform nefarious tasks, mostly DDoS attacks, and illicit cryptocurrency coin mining. The researchers said the HEH botnet samples discovered so far support a wide variety of CPU architectures, including x86(32/64), ARM(32/64), MIPS(MIPS32/MIPS-III), and PowerPC. The botnet, despite being in its early stages of development, comes with three functional modules: a propagation module, a local HTTP service module, and a P2P module.