IoT | SC Media

IoT

IOT2

Uptick in IoT related data breaches as unsecured devices increase

By

A recent  Ponemon Institute study found, there has been a dramatic increase in IoT-related data breaches specifically due to an unsecured IoT device or application since 2017. The study found these breaches account for 26 percent of incidents, up from 15 percent, although the actual number may be greater as most organizations aren’t aware of…

Three serious vulnerabilities found in PrinterLogic software

By

The current and older versions of PrinterLogic Print Management Software contain three high-severity vulnerabilities that would-be attackers could exploit to reconfigure the software and remotely execute code. According to a security advisory from the CERT/CC at Carnegie Mellon University’s Software Engineering Institute, the PrinterLogic agent fails to properly validate the PrinterLogic management portal’s SSL certificate…

Flawed P2P technology threatens millions of IoT devices

By

At least two million internet-connected devices featuring the peer-to-peer (P2P) communications technology iLnkP2P contain two major security flaws that could allow malicious actors to discover the products online, snoop on them and hijack them. Security researcher Paul Marrapese discovered the issue in hundreds of brands of security cameras, baby monitors, smart doorbells and digital video…

Chucky is a rogue IoT device in latest Child’s Play trailer

By

The most recent iteration of the Child’s Play franchise features the murderous doll Chucky as a rogue IoT device gone mad. The new film’s trailer features Chucky connected to the “Buddi” platform which allows users to control all of their connected home devices including various electronics, toys, and anything else that can be forged into…

Mirai variant adds 11 news exploits, shifting focus to enterprise IoT devices

By

Developers behind a newly discovered variant of the Mirai Internet of Things botnet malware have expanded their target list, placing a greater emphasis on high-bandwidth enterprise devices that are potentially capable of launching heavy-duty distributed denial of service attacks. Detected by the Palo Alto Networks Unit 42 threat research team, the botnet still attempts to infect…

Trolley Talk, RSA 2019 edition: SC’s second annual cable car chats (video)

By

SC Media’s Senior Reporter Bradley Barth once again commutes to Fisherman’s Wharf with several top cybersecurity execs and for the first time a pair of undercover wireless research “workmen” come along for the ride. Back by popular demand, SC Media proudly presents its second annual edition of Trolley Talk, a segment where we interview leading cybersecurity experts while riding the…

IoT devices attacked faster than ever, DDoS attacks up dramatically: Netscout

By

Cybercriminals upped their game in a big way in 2018, dramatically increasing the number and severity of DDoS attacks and refining their IoT attacks to entirely new levels. The main takeaway from Netscout’s Threat Report that looked at the second half of 2018 was that cybercriminals built and used cheaper, easier-to-deploy and more persistent malware…

12th annual Data Privacy Day advice: complicated passwords, VPNs and fines

By

Considering the hundreds of millions of records exposed in data breaches just last year, the 12th annual Data Privacy Day could not arrive quickly enough. On the plus side for privacy, at least for EU residents, GDPR went into effect last May and will soon be joined by the California Consumer Privacy Act and other…

Making Office IoT Attacks DOA

By Josh Wyatt, global executive services director, Optiv Security When we think about securing the internet of things (IoT), the conversation usually turns to the sensational – ranging from industrial controllers being compromised to bring down critical infrastructure, to automobile cruise control systems being hacked, to last year’s “holiday nightmare” security story where researchers found…

Researchers develop proof-of-concept malware for attacking Building Automation Systems

By

Researchers have developed proof-of-concept malware capable of compromising Building Automation Systems after discovering two critical bugs in a BAS programmable logic controller (PLC). Created by experts at ForeScout, the malware exploits both vulnerabilities in combination with several older flaws that were previously known to the public, according to a ForeScout white paper released today in…

Next post in Security News