Security News

TechRepublic Premium Portable Storage Policy Portable storage media allow employees to access or back up business data both inside and outside the office. The ease of use presented by portable storage devices can also place companies at significant risk of lost or stolen data.

TechRepublic Premium Portable Storage Policy Portable storage media allow employees to access or back up business data both inside and outside the office. Malware can infect portable storage media, which can then be inadvertently or purposely introduced .... TechRepublic Premium MSP Best Practices: Network Switch and Router Deployment Checklist No managed services provider should lock itself out of the very network switches or routers it deploys, yet such accidents occur.

Infosec in brief Bot defense software vendor Human Security last week detailed an attack that "Sold off-brand mobile and Connected TV devices on popular online retailers and resale sites preloaded with a known malware called Triada." Human named the campaign to infect and distribute the Android devices BADBOX. The infected devices were sold for under $50. Human's researchers found over 200 models with pre-installed malware, and when it went shopping for seven particular devices found that 80 percent of units were infected with BADBOX. Analysis of infected devices yielded intel on an ad fraud module Human's researchers named PEACHPIT. At its peak, PEACHPIT ran on a botnet spanning 121,000 devices a day on Android.

While smart speakers are only supposed to listen after being invoked with a "Wake" phrase, their data collection and who they share that with may surprise. A profound difference was also found in the amount of data requested from smart device owners depending on whether the associated app was installed on an Android or iOS phone.

A trio of researchers split between Italy and the UK have recently published a paper about cryptographic insecurities they found in a widely-known smart light bulb. The researchers seem to have chosen their target device, the TP-Link Tapo L530E, on the basis that it is "Currently [the] best seller on Amazon Italy," so we don't know how other smart bulbs stack up, but their report has plenty to teach us anyway.

Researchers from Italy and the UK have discovered four vulnerabilities in the TP-Link Tapo L530E smart bulb and TP-Link's Tapo app, which could allow attackers to steal their target's WiFi password. TP-link Tapo is a smart device management app with 10 million installations on Google Play.

The Biden-Harris Administration has announced a cybersecurity certification and labeling program to help Americans more easily choose smart devices that are safer and less vulnerable to cyberattacks. The new "U.S. Cyber Trust Mark" program proposed by FCC Chairwoman Jessica Rosenworcel would raise the bar for cybersecurity across common devices, including smart refrigerators, smart microwaves, smart televisions, smart climate control systems, smart fitness trackers, and more.

A new cybersecurity certification and labeling program called U.S. Cyber Trust Mark is being shaped to help U.S. consumers choose connected devices that are more secure and resilient to hacker attacks. NIST-level security for IoT. The U.S. Cyber Trust Mark program aims to recognize smart products that meet cybersecurity criteria from the National Institute of Standards and Technology, which include the use of unique and strong default passwords, data protection, software updates, and incident detection capabilities.

The Google Smart Lock application for iOS can use your iPhone as a security key to lock down your Google Account to provide extra security above and beyond two-factor authentication.In this tutorial, I'll show you how to set up this Smart Lock app and use it to lock down your Google Account's 2FA support.

According to Imperva, bad bot traffic grew to 30.2%, a 2.5% increase over 2021. In this Help Net Security video, Lynn Marks, Senior Product Manager at Imperva, discusses malicious bot activity.