Security News

Given the transition from siloed IoT devices to interconnected IoT environments, what are the main challenges and risks this brings in terms of cybersecurity? Moving from isolated to interconnected IoT devices unveils new cybersecurity challenges.

We will explore what the Internet of Medical Things is and will investigate how healthcare organizations should best assess the security of their networks. We will then reveal why and how HIPAA plays a role in securing sensitive medical data and how attack surface management can secure the IoMT for healthcare organizations.

Microsoft announced the public preview of a new Defender for IoT feature that helps analyze the firmware of embedded Linux devices like routers for security vulnerabilities and common weaknesses. [...]

Internet-facing Linux systems and Internet of Things devices are being targeted as part of a new campaign designed to illicitly mine cryptocurrency. "The threat actors behind the attack use a backdoor that deploys a wide array of tools and components such as rootkits and an IRC bot to steal device resources for mining operations," Microsoft threat intelligence researcher Rotem Sde-Or said.

The e-tail giant's Ring home security cam subsidiary was accused of "Compromising its customers' privacy by allowing any employee or contractor to access consumers' private videos and by failing to implement basic privacy and security protections, enabling hackers to take control of consumers' accounts, cameras, and videos." The FTC complaint also alleges Ring knew its cloud services were susceptible to credential stuffing and brute-force attacks but did little to stymie such efforts.

"These vulnerabilities can be triggered from user-mode applications by sending malicious commands to a TPM 2.0 whose firmware is based on an affected TCG reference implementation," the Trusted Computing Group said in an advisory. Large tech vendors, organizations using enterprise computers, servers, IoT devices, and embedded systems that include a TPM can be impacted by the flaws, Quarkslab noted, adding they "Could affect billions of devices."

In this Help Net Security video, J.R. Cunningham, CSO at Nuspire, discusses IoT cybersecurity concerns for 2023. With homes becoming increasingly connected and reliant on smart technology, the potential for cybercriminals to exploit vulnerabilities and wreak havoc is higher than ever before.

A new variant of the notorious Mirai botnet has been found leveraging several security vulnerabilities to propagate itself to Linux and IoT devices. "Once the vulnerable devices are compromised, they will be fully controlled by attackers and become a part of the botnet," Unit 42 researchers said.

ASCON is the name of the group of lightweight authenticated encryption and hashing algorithms that the U.S. National Institute of Standards and Technology has chosen to secure the data generated by Internet of Things devices: implanted medical devices, keyless entry fobs, "Smart home" devices, etc. Why are the ASCON encryption algorithms a good choice for IoT devices?

The US National Institute of Standards and Technology wants to protect all devices great and small, and is getting closer to settling on next-gen cryptographic algorithms suitable for systems at both ends of that spectrum - the very great and the very small. The lightweight cryptography algorithms for IoT need to be powerful enough to offer high security and efficient enough to do so with limited electronic resources.