IoT News, Articles and Updates

Google patches 7 flaws in Dnsmasq

Google reported it has discovered and issued patches fo seven vulnerabilities in the DNS software package Dnsmasq, several of which could lead to remote code execution or leave the device open to a denial of service attack if exploited.

4G vulnerabilities put mobile users and even Smart Cities at risk, study

Despite keeping us connected and even providing a bump in security over its predecessor, 4G networks are still plagued with weaknesses.

Linux IoT botnet retooled to send spam email

An IoT botnet has set its hooks in about 4,500 - 5,000 proxy devices to send spam emails which each device capable of sending 400 messages or a total of 1.8 million messages per day.

Report: Without safeguards, Internet and IoT may create surveillance states in near future

A catastrophic worldwide cyberattack and the emergence of an IoT-enabled surveillance state were among the chief security and privacy fears expressed by experts polled for a new report about the internet and its future impact.

Medfusion 4000 Wireless Syringe Infusion Pump can be exploited to compromise operations

Until a new version of Smiths Medical's Medfusion 4000 Wireless Syringe Infusion Pump is issued in January 2018, its operators should be wary of eight vulnerabilities that can be remotely exploited to gain access to the device and compromise its functionality.

Bluetooth ache: Protocol's security not sufficiently researched, experts claim after 'BlueBorne' disclosure

The recently disclosed collection of "BlueBorne" vulnerabilities that were found to affect at least 5.3 billion Bluetooth-enabled devices has revealed several inconvenient truths about the short-range communications protocol, experts say.

Abbott Laboratories securing vulnerable pacemakers with firmware and software updates

Healthcare product manufacturer Abbott Laboratories is updating the firmware and software in its line of implantable pacemakers to shore up a security vulnerability that could lead to unauthorized access.

SMEs ahead of larger orgs in IoT security, study

SMEs may not have the resources of their larger peers but they're training them on identifying threats and determining the potential dangers connected devices pose, according to a study from Pwnie Express.

Svpeng mobile banking trojan now a keylogger

Cybercriminals have updated the functionality of the popular Svpeng mobile banking trojan giving it keylogger capabilities and the ability to access the text input from almost all of a devices apps.

IoT improvement act would set security standards for cos. selling to government

Under the act device makers couldn't hardcore passwords, which have been exploited in the past to spread malware like in the recent Mirai attacks, into products sold to the government.

Researcher: In two decades, adversaries at war could cause mass destruction via IoT attacks

Two decades from now, warring adversaries could conceivably attack each other by sabotaging a population's IoT consumer devices en masse, respected cybersecurity expert Mikko Hypponen predicted at Black Hat on Thursday.

Hacking Nemo: Adversary compromises smart fish tank at casino

An unknown actor recently succeeded in hacking into a casino's smart fish tank and exfiltrating its data to a device in Finland.

Cisco predicts a major increase in cyberattacks designed to destroy systems

Cisco researchers are predicting more and larger cyberattacks that have the goal of destroying their targets systems, instead of financial gain or stealing information.

Devil's Ivy bug patched after found in toolkit potentially used by millions of IoT devices

Researchers investigating a vulnerability in security cameras from Axis Communications ended up uncovering a far more wide-ranging threat when they discovered the flaw actually lies within a toolkit used by myriad IoT product developers.

Bipartisan bill aims to generate cyber hygiene best practices

The "Promoting Good Cyber Hygiene Act" would create a baseline of best practices, ensure those practices come under annual review and update and are published on a publicly accessible website.

Linux malware gaining favor among cybercriminals

Linux malware is becoming a more important tool for cybercriminals as these individuals focus a greater portion of their attention on attacking IoT devices running the open-source operating system.

Automotive and IoT companies paying handsomely as bug bounty rewards rise

The average bug bounty payout has jumped from $295 a little over a year ago to $451, as the automotive industry leads the way with an average payout of $1,514, according to Bugcrowd, a leading vulnerability disclosure platform provider.

Power industry significantly concerned of cyberthreats, says industry exec

National Grid spokesperson tells SC "gas and electricity networks are isolated from our everyday business systems to ensure our networks remain safe and reliable."

Persirai is tops among four families of IoT camera botnets

An analysis of roughly 4,400 IP cameras in the U.S. using custom http servers found that just over 51 percent of them are infected by one of four Internet of Things botnet malware families, according to new research.

New IoT bot Persirai ensnaring IP cameras

Apparently emanating from Iran, Persirai has been detected by researchers at Trend Micro linking more than 1,000 internet protocol (IP) camera models into a vast Internet of Things (IoT) botnet.

Bondnet 007.01 botnet seizes servers to farm cryptocurrency

The sky may have fallen causing agents and servers across the globe to go rogue as the Bondnet 007.01 botnet army seizes victims to do its bidding.

Paid in the USA: Americans more likely to pony up when infected with ransomware

The U.S. suffered 34 percent of global ransomware infections last year - and it's no wonder why, with 64 percent of Americans willing to pay to retrieve their encrypted files, compared to 34 percent of victims worldwide, according to Symantec.