Security News

A new version of the infamous Mirai botnet is exploiting a recently uncovered critical vulnerability in network-attached storage devices in an attempt to remotely infect and control vulnerable machines. Called "Mukashi," the new variant of the malware employs brute-force attacks using different combinations of default credentials to log into Zyxel NAS, UTM, ATP, and VPN firewall products to take control of the devices and add them to a network of infected bots that can be used to carry out Distributed Denial of Service attacks.

In February, hardware maker Zyxel fixed a zero-day vulnerability in its routers and VPN firewall products after KrebsOnSecurity told the company the flaw was being abused by attackers to break into devices. Security experts at Palo Alto Networks said Thursday their sensors detected the new Mirai variant - dubbed Mukashi - on Mar. 12.

Keysight Technologies, a leading technology company that helps enterprises, service providers and governments accelerate innovation to connect and secure the world, announced a collaboration with VIOMI, a leading provider of IoT-enabled smart home products, to accelerate the market introduction of innovative 5G-enabled IoT devices for consumers in China. Keysight's 5G device test solutions are well-positioned to address the 5G IoT endpoint installed base market, which Gartner predicts will more than triple between 2020 and 2023.

With billions of IoT devices transferring data to and from the cloud, ensuring security requires both the IoT cloud service and the device to trust the received data. Mutual authentication ensures that the device and the cloud trust each other, but the fragmentation of the IoT market means that security services scalability and duplication are very limited.

Thales and Telstra, Australia's leading telecommunications company are working with Microsoft and Arduino to pave the way for scalable security for connected IoT devices, by implementing a solution that enables trusted and secure end-to-end communication between device and cloud. That's why Thales, Telstra, Microsoft and Arduino decided to team up to work on a solution that addresses the challenge of securely and efficiently connecting IoT devices to clouds in the most simplified way and through cellular networks.

That's the finding from a survey from Axonius, which reveals how trends including the ever-increasing number of end-user devices, rapid cloud adoption, and the looming IoT explosion are leading to increased complexity and risk and decreased visibility. Pressure on IT and security teams to deal with major security gaps.

In an interview at RSA 2020, Greg Young, the vice present of cybersecurity at Trend Micro, said that companies need to focus on cloud security posture management to make sure all cloud instances...

More than half of all internet of things devices are vulnerable to medium- or high-severity attacks, meaning that enterprises are sitting on a "Ticking IoT time bomb," according to Palo Alto Networks Unit 42 research team. One big takeaway for me is that you found that more than half of IoT devices are vulnerable to medium- or high-severity attacks, making IoT the low-hanging fruit for attackers.

Everbridge, the global leader in critical event management, announced that the company has unveiled new CEM capabilities across the Internet of Things for corporate, government and healthcare organizations to protect their people, assets, operations, supply chain and brand from critical events such as coronavirus. With the number of IoT devices expected to approach 75 billion by 2025, the Everbridge CEM platform enables organizations to utilize vast amounts of electronic data, including IoT sensors, to digitally transform how they manage the safety and security of their employees, customers, patients, first responders, residents, and visitors, as well as the resiliency of their operations and supply chain.

Santa Clara, Calif-based Ordr has announced additional funding to the Series B funding round announced in December 2019. Ordr was founded in 2015 by Pandian Gnanaprakasam and Sheausong Yang to provide security for the rapidly expanding IoT ecosphere.