Security News

How to navigate the current 5G and IoT threat landscape
2022-10-24 14:15

Current challenges and risks entailing 5G / IoT. A key differentiation between 5G and its predecessor networks is that 5G entails an untrusted core network between the subscriber end and the unified data management environment, whereas predecessor networks had a hierarchical trust model. A 2021 report by the Cybersecurity and Infrastructure Security Agency regarding Potential Threat Vectors to 5G Infrastructure listed supply chain risks as a particularly dangerous threat in the 5G space.

Cloudflare shows flair with new products for mobile and IoT security
2022-10-03 12:50

Cloudflare shows flair with new products for mobile and IoT security. Cloudflare holds the view that while corporate organizations have made moves to deploy zero-trust security solutions at the software level of their desktops, mobile devices have not received similar attention.

Embedded IoT security threats and challenges
2022-09-29 05:30

IoT embedded systems combine hardware, firmware, and internet connectivity to carry out particular functions. These devices transfer real-time data via the internet for various purposes, including tracking, monitoring, and analysis.

New Report on IoT Security
2022-09-27 11:15

The Atlantic Council has published a report on securing the Internet of Things: "Security in the Billions: Toward a Multinational Strategy to Better Secure the IoT Ecosystem." The report examines the regulatory approaches taken by four countries-the US, the UK, Australia, and Singapore-to secure home, medical, and networking/telecommunications devices. The report recommends that regulators should 1) enforce minimum security standards for manufacturers of IoT devices, 2) incentivize higher levels of security through public contracting, and 3) try to align IoT standards internationally.

Securing your IoT devices against cyber attacks in 5 steps
2022-09-14 14:06

In general, IoT refers to devices with embedded software, sensors, network connectivity, and other technologies, allowing them to exchange data with other devices connected to the Internet. IoT devices are particularly common in the healthcare and manufacturing industries, where business-critical operations and data pass through internet-connected devices like monitors, tablets, scanners, and more.

Shape-shifting cryptominer savages Linux endpoints and IoT
2022-09-10 11:00

AT&T cybersecurity researchers have discovered a sneaky piece of malware targeting Linux endpoints and IoT devices in the hopes of gaining persistent access and turning victims into crypto-mining drones. Popular adventure clothing brand The North Face and shoe company Vans, subsidiaries of the same parent company, have admitted to a credential stuffing attack that netted its attacker 194,905 user's worth of PII. Most every piece of PII stored on the two websites were compromised, with the exception of credit card numbers, which the brands' parent company VF Outdoors said it doesn't store on its sites.

New Stealthy Shikitega Malware Targeting Linux Systems and IoT Devices
2022-09-07 12:38

A new piece of stealthy Linux malware called Shikitega has been uncovered adopting a multi-stage infection chain to compromise endpoints and IoT devices and deposit additional payloads. The findings add to a growing list of Linux malware that has been found in the wild in recent months, including BPFDoor, Symbiote, Syslogk, OrBit, and Lightning Framework.

Rise in IoT vulnerability disclosures, up 57%
2022-08-29 03:00

Vulnerability disclosures impacting IoT devices increased by 57% in the first half of 2022 compared to the previous six months, according to a research by Claroty. The report also found that over the same time period, vendor self-disclosures increased by 69%, becoming more prolific reporters than independent research outfits for the first time, and fully or partially remediated firmware vulnerabilities increased by 79%, a notable improvement given the relative challenges in patching firmware versus software vulnerabilities.

IoT: The huge cybersecurity blind spot that’s costing millions
2022-08-18 05:00

Organizations need to be aware of the cybersecurity blind spots generated by the prevalence of IoT technology, because connected devices are opening virtual doors into organizations' networks. As IoT adoption becomes more widespread, 93% of enterprises are finding it necessary to up their security spend for IoT and unmanaged devices as a result.

How attackers are exploiting corporate IoT
2022-08-17 04:00

In this Help Net Security video, Brian Contos, CSO at Phosphorus Cybersecurity, discusses how most companies consider IoT threats to be limited in scope. In actuality, a growing number of sophisticated adversaries are realizing the true value of IoT as an easy initial breach point to get access to the corporate network.