Security News
Cypress Semiconductor unveiled solutions that give IoT product developers a simplified path to build high-quality, secure, and reliable IoT products. "The problem solvers at Cypress have taken on this challenge and expanded our solutions to help our customers bring high-quality, secure, and reliable products to market faster. IoT-AdvantEdge simplifies the development process, bringing together the essential building blocks of the IoT through powerful software and hardware combinations."
The total number of IoT connections will reach 83 billion by 2024, rising from 35 billion connections in 2020, according to Juniper Research. Industrial sector to account for a total of 60 billion IoT connections.
In this podcast, Mike Nelson, Vice President of IoT Security at DigiCert, talks about the growing insecurity of IoT devices and what we should do about it. We read a lot about bad password practices, and hard-coded credentials, and hackers being able to gain access because they go in and they are able to discover the password and the user manuals of IoT - IoT instruction manuals.
If you thought the Mirai botnet was bad, what about a version under the control of Russia's military that it could point like an electronic cannon at people it didn't like? That's the prospect we could face after the reported emergence of secret Russian project documents online last week. The documents, which come from hacking group Digital Revolution but haven't been verified, suggest that Russia's Federal Security Service, has been working on an internet of things botnet of its own called Fronton.
A wide variety of Zyxel and LILIN IoT devices are being conscripted into several botnets, researchers have warned. Users are advised to implement the provided firmware updates to plug the security holes exploited by the botmasters or, if they can't, to stop using the devices altogether or to put them behind network firewalls.
A new version of the infamous Mirai botnet is exploiting a recently uncovered critical vulnerability in network-attached storage devices in an attempt to remotely infect and control vulnerable machines. Called "Mukashi," the new variant of the malware employs brute-force attacks using different combinations of default credentials to log into Zyxel NAS, UTM, ATP, and VPN firewall products to take control of the devices and add them to a network of infected bots that can be used to carry out Distributed Denial of Service attacks.
A new version of the infamous Mirai botnet is exploiting a recently uncovered critical vulnerability in network-attached storage devices in an attempt to remotely infect and control vulnerable machines. Called "Mukashi," the new variant of the malware employs brute-force attacks using different combinations of default credentials to log into Zyxel NAS, UTM, ATP, and VPN firewall products to take control of the devices and add them to a network of infected bots that can be used to carry out Distributed Denial of Service attacks.
In February, hardware maker Zyxel fixed a zero-day vulnerability in its routers and VPN firewall products after KrebsOnSecurity told the company the flaw was being abused by attackers to break into devices. Security experts at Palo Alto Networks said Thursday their sensors detected the new Mirai variant - dubbed Mukashi - on Mar. 12.
Keysight Technologies, a leading technology company that helps enterprises, service providers and governments accelerate innovation to connect and secure the world, announced a collaboration with VIOMI, a leading provider of IoT-enabled smart home products, to accelerate the market introduction of innovative 5G-enabled IoT devices for consumers in China. Keysight's 5G device test solutions are well-positioned to address the 5G IoT endpoint installed base market, which Gartner predicts will more than triple between 2020 and 2023.
With billions of IoT devices transferring data to and from the cloud, ensuring security requires both the IoT cloud service and the device to trust the received data. Mutual authentication ensures that the device and the cloud trust each other, but the fragmentation of the IoT market means that security services scalability and duplication are very limited.