Article and IoT - Cyber Security Informer

Securing the International IoT Supply Chain

Schneier on Security

JULY 1, 2020

Together with Nate Kim (former student) and Trey Herr (Atlantic Council Cyber Statecraft Initiative), I have written a paper on IoT supply chain security. The basic problem we try to solve is: how to you enforce IoT security regulations when most of the stuff is made in other countries? News article. Selling to U.S.

IoT

IoT Manufacturing Cybersecurity

Using Hacked IoT Devices to Disrupt the Power Grid

Schneier on Security

SEPTEMBER 11, 2018

This is really interesting research: " BlackIoT: IoT Botnet of High Wattage Devices Can Disrupt the Power Grid ": Abstract : We demonstrate that an Internet of Things (IoT) botnet of high wattage devices-such as air conditioners and heaters-gives a unique ability to adversaries to launch large-scale coordinated attacks on the power grid.

IoT

IoT Hacking Marketing Engineering

Cataloging IoT Vulnerabilities

Schneier on Security

FEBRUARY 18, 2019

Recent articles about IoT vulnerabilities describe hacking of construction cranes , supermarket freezers , and electric scooters.

IoT

IoT Hacking

On IoT Devices and Software Liability

Schneier on Security

JANUARY 12, 2024

New law journal article : Smart Device Manufacturer Liability and Redress for Third-Party Cyberattack Victims Abstract: Smart devices are used to facilitate cyberattacks against both their users and third parties.

IoT

IoT Software Manufacturing Internet

The UK Bans Default Passwords

Schneier on Security

MAY 2, 2024

The UK is the first country to ban default passwords on IoT devices. On Monday, the United Kingdom became the first country in the world to ban default guessable usernames and passwords from these IoT devices. IoT manufacturers aren’t making two devices, one for California and one for the rest of the US.

Passwords

Passwords IoT Manufacturing Telecommunications

Securing the Internet of Things through Class-Action Lawsuits

Schneier on Security

FEBRUARY 27, 2020

This law journal article discusses the role of class-action litigation to secure the Internet of Things. Basically, the article postulates that (1) market realities will produce insecure IoT devices, and (2) political failures will leave that industry unregulated. Result: insecure IoT.

Internet

Internet Internet IoT Manufacturing

DDoS 2.0: IoT Sparks New DDoS Alert

The Hacker News

SEPTEMBER 15, 2023

The Internet of Things (IoT) is transforming efficiency in various sectors like healthcare and logistics but has also introduced new security risks, particularly IoT-driven DDoS attacks. This article explores how these attacks work, why they’re uniquely problematic, and how to mitigate them. What Is IoT?

DDOS

DDOS IoT Healthcare Internet

Last Watchdog’s IoT and ‘zero trust’ coverage win MVP awards from Information Management Today

The Last Watchdog

DECEMBER 5, 2019

I’m privileged to share news that two Last Watchdog articles were recognized in the 2019 Information Management Today MVP Awards.

IoT

IoT Cyber Risk Internet Internet

Patch now! The Mirai IoT botnet is exploiting TP-Link routers

Graham Cluley

MAY 4, 2023

Businesses should patch their TP-Link routers as soon as possible, after the revelation that a legendary IoT botnet is targeting them for recruitment. Read more in my article on the Tripwire State of Security blog.

IoT

IoT DDOS

End-to-End IoT Device Security: What You Need to Know

Security Boulevard

MAY 12, 2021

In the course of reading this article, you’ll likely interact with several connected devices. The post End-to-End IoT Device Security: What You Need to Know appeared first on Security Boulevard. And you probably wouldn’t have even given it a second thought if we hadn’t just called it out.

IoT

HomePwn: Swiss Army Knife for Penetration Testing of IoT Devices

Hacker's King

NOVEMBER 2, 2024

You probably know about Netcat a Swiss Army Knife for networking pen-testing tool for hackers and cybersecurity experts, but what if you get something like that for Internet Of Things (IoT) devices to test their security before an actual hacker does. Specific modules for the technology to be audited.

Penetration Testing

Penetration Testing IoT Technology DNS

Microsoft includes IoT devices under its Secured-core program

CSO Magazine

JUNE 22, 2022

Addressing security concerns associated with the growing momentum for edge computing , Microsoft is making its Edge Secured-core program for Windows-based IoT devices generally available. While support for Windows 10 IoT is generally available, it is still in preview for Linux. To read this article in full, please click here

IoT

Lousy IoT Security

Schneier on Security

DECEMBER 19, 2019

From a Wired article : One issue that jumped out at the researchers: The DTEN system stored notes and annotations written through the whiteboard feature in an Amazon Web Services bucket that was exposed on the open internet. BoingBoing article. And this, in a nutshell, is the problem with the Internet-of-Things.

IoT

IoT Wireless System Administration Encryption

Portnox adds IoT fingerprinting to network access control service

CSO Magazine

OCTOBER 12, 2022

Network security firm Portnox on Wednesday announced it is adding IoT fingerprinting features to the Portnox Cloud NAC-as-a-Service to allow companies to more easily identify and authorize devices on their networks. To read this article in full, please click here

IoT

IoT Network Security

IoT Botnet Linked to Large-scale DDoS Attacks Since the End of 2024

Trend Micro

JANUARY 16, 2025

Since the end of 2024, we have been continuously monitoring large-scale DDoS attacks orchestrated by an IoT botnet exploiting vulnerable IoT devices such as wireless routers and IP cameras.

IoT

IoT DDOS Wireless Cyber threats

BrandPost: Securing IoT: Best Practices for Retailers

CSO Magazine

NOVEMBER 30, 2021

Without a doubt, one of the most game-changing innovations is the Internet of Things (IoT). Industry analyst firm IDC expects there will be over 41 billion connected IoT devices by 2025. In particular, the retail sector is increasingly using IoT technology to personalize the customer experience and digitization.

Retail

Retail IoT Internet Internet

How a new generation of IoT botnets is amplifying DDoS attacks

CSO Magazine

APRIL 25, 2022

His friend wanted to see how fast Mirai , a novel internet of things (IoT) botnet installer, would take over a Linux-based DVR camera recorder that was popular with medium-size businesses. To read this article in full, please click here

DDOS

DDOS IoT Internet Internet

The Future of P2P IoT Botnets

Trend Micro

MARCH 10, 2021

We discuss how the involvement of P2P technology in IoT botnets can transform them into stronger threats that organizations and users need to watch out for.

IoT

IoT Technology Cyber threats

S4x23 Review Part 4: Cybersecurity for Industrial IoT

Trend Micro

MARCH 30, 2023

In this fourth article, I introduce the discussion related to Industrial IoT, that is involved challenges to adopt cybersecurity strategy into modernizing environment.

IoT

IoT Cybersecurity Cyber threats Risk

Inrupt’s Solid Announcement

Schneier on Security

NOVEMBER 13, 2020

Data generated by your things — your computer, your phone, your IoT whatever — is written to your pod. A few news articles. Earlier this year, I announced that I had joined Inrupt , the company commercializing Tim Berners-Lee’s Solid specification : The idea behind Solid is both simple and extraordinarily powerful.

Insurance

Insurance IoT Healthcare Technology

Palo Alto Networks looks to shore up healthcare IoT security

CSO Magazine

DECEMBER 5, 2022

Palo Alto Networks today rolled out a new Medical IoT Security offering, designed to provide improved visibility, automated monitoring and more for hitherto vulnerable healthcare IoT frameworks, thanks to machine learning and adherence to zero trust principles. To read this article in full, please click here

Healthcare

Healthcare IoT

Inside Water Barghest’s Rapid Exploit-to-Market Strategy for IoT Devices

Trend Micro

NOVEMBER 17, 2024

In this blog entry, we discuss Water Barghest's exploitation of IoT devices, transforming them into profitable assets through advanced automation and monetization techniques.

IoT

IoT Marketing

New TCP/IP Vulnerabilities Expose IoT, OT Systems

eSecurity Planet

JANUARY 6, 2021

Forescout Research Labs last month released a 14-page white paper and a 47-page research report detailing 33 vulnerabilities affecting millions of Internet of Things (IoT), Operational Technology (OT), and IT devices. Also Read: 5 Essential IoT Security Best Practices. Consumer Internet of Things (IoT). Affected TCP/IP stacks.

IoT

IoT DNS Internet Internet

New Linux Cryptomining Malware

Schneier on Security

SEPTEMBER 12, 2022

AT&T recommends Linux endpoint and IoT device managers keep security patches installed, keep EDR software up to date and make regular backups of essential systems. Another article. Bottom line: Shikitega is a nasty piece of code. Slashdot thread.

Malware

Malware Backups IoT Software

Protecting Oil and Gas Industry Infrastructure: Strategies for Resilience

SecureWorld News

JANUARY 16, 2025

This article delves deeper into the challenges faced by the oil and gas industry, highlighting practical strategies to safeguard critical infrastructure through cybersecurity, data analytics, and regulatory compliance. To ensure energy security and economic stability, protecting the infrastructure is essential.

Energy and Utilities

Energy and Utilities IoT Artificial Intelligence Backups

CrowdStrike expands Falcon platform with XDR for IoT assets

CSO Magazine

APRIL 11, 2023

Cybersecurity vendor CrowdStrike has announced the release of new extended detection and response (XDR) capabilities within its Falcon platform to secure extended internet of things (XIoT) assets including IoT, Industrial IoT, OT, and medical devices. To read this article in full, please click here

IoT

IoT Internet Internet Risk

How to Secure IoT Devices

GlobalSign

APRIL 6, 2023

The Internet of Things (IoT) technology has made our lives more efficient in every aspect, but with this comes risk. In this article, we take a look at the security protocols to help secure IoT devices.

IoT

IoT Internet Internet Technology

Protecting IoT Connected Devices Makes the Internet Safer

GlobalSign

FEBRUARY 6, 2023

The number of vulnerabilities to IoT devices is increasing. This article explores how protecting IoT devices can be more secure and make the internet safer.

IoT

IoT Internet Internet

New Mirai botnet variant V3G4 targets Linux servers, IoT devices

CSO Magazine

FEBRUARY 17, 2023

A new variant of Mirai — the botnet malware used to launch massive DDoS attacks —has been targeting 13 vulnerabilities in IoT devices connected to Linux servers, according to researchers at Palo Alto Network’s Unit 42 cybersecurity team. To read this article in full, please click here

IoT

IoT DDOS Malware Cybersecurity

How Will 5G Technology Alter IoT Security And How Can We Prepare?

CyberSecurity Insiders

JANUARY 28, 2022

Moreover, predictions made by Gartner indicate that a staggering 59% of organizations plan to support their IoT networks through 5G- which opens up new avenues for cybercriminals to exploit. This article explores the possible ramifications that 5G could have for IoT security, along with some steps that enterprises can take to prepare for it.

IoT

IoT Technology Mobile Software

Unfixed vulnerability in popular library puts IoT products at risk

Malwarebytes

MAY 4, 2022

Researchers have found a vulnerability in a popular C standard library in IoT products that could allow attackers to perform DNS poisoning attacks against a target device. The devices like your laptop, phones, tablets and IoT (Internet of Things) devices such as TVs, temperature sensors, and security cameras. Stay safe, everyone!

IoT

IoT DNS Risk Internet

IoT, connected devices biggest contributors to expanding application attack surface

CSO Magazine

JANUARY 31, 2023

The growth of the internet of things (IoT) and connected devices are the biggest contributing factors to organizations’ expanding attack surfaces. To read this article in full, please click here

IoT

IoT Marketing Internet Internet

Hacked Robot Vacuums Hurl Racial Slurs, Show IoT Devices Risks

SecureWorld News

OCTOBER 16, 2024

The breaches underscore the growing threat of vulnerabilities in IoT (Internet of Things) devices. A January 2024 blog on ToolingIdeas.com provides a comprehensive rundown of the risks of IoT devices, particularly robot vacuums. The video is unnerving. Now suck on that, Mr.

IoT

IoT Hacking Risk Internet

The Evolution of IoT Linux Malware Based on MITRE ATT&CK TTPs

Trend Micro

DECEMBER 8, 2021

In our study, we relied on the tactics, techniques, and procedures of MITRE ATT&CK to define the malware capabilities and characteristics of IoT Linux malware. We describe our findings and how IoT malware has been evolving.

IoT

IoT Malware Cyber threats

Five Interesting Israeli CyberSecurity Companies

Joseph Steinberg

APRIL 7, 2021

Back in 2015 and 2017, I ran articles in Inc. For years, in articles, lectures, and books I have discussed how the spread of IoT and AI technologies – both individually and together – are dramatically increasing the danger to human life posed by cyberattacks on healthcare facilities. Argus Cyber Security .

Cybersecurity

Cybersecurity Small Business IoT Computers and Electronics

Default static key in ThingsBoard IoT platform can give attackers admin access

CSO Magazine

APRIL 6, 2023

Developers of ThingsBoard, an open-source platform for managing IoT devices that's used in various industry sectors, have fixed a vulnerability that could allow attackers to escalate their privileges on a server and send requests with administrative privileges. To read this article in full, please click here

IoT

oneM2M IoT security specifications granted ITU approval

CSO Magazine

MAY 3, 2023

The ITU Telecommunication Standardization Sector (ITU-T) has approved a set of security specifications for internet of things (IoT) systems. The oneM2M specifications define a common set of IoT service functions to enable secure data exchange and information interoperability across different vertical sectors, service providers, and use cases.

IoT

IoT Telecommunications Technology Internet

Does Home IoT Compromise Enterprise Security?

Trend Micro

NOVEMBER 1, 2021

The most recent Pwn2Own (Fall 2021 Pwn2Own Austin) includes more IoT entries than ever. This gives us an opportunity to probe today’s largest and newest enterprise attack surface: the home office.

IoT

IoT Cyber threats Mobile Malware

Security by design vital to protecting IoT, smart cities around the world, says CEO of UK NCSC

CSO Magazine

OCTOBER 24, 2022

A secure by design approach is vital to protecting the internet of things (IoT) and smart cities, according to Lindy Cameron, CEO of the UK National Cyber Security Centre (NCSC). Growth of IoT giving rise to increased security threats. To read this article in full, please click here

IoT

IoT Technology Internet Internet

Dynamic analysis of firmware components in IoT devices

SecureList

JULY 6, 2022

Among the various offensive security techniques, vulnerability assessment takes priority when it comes to analyzing the security of IoT/IIoT devices. The vulnerability assessment of IoT/IIoT devices is based on analyzing their firmware. The full version of the article is published on the Kaspersky ICS CERT website.

Firmware

Firmware IoT Architecture Manufacturing

Palo Alto announces new SD-WAN features for IoT security, compliance support

CSO Magazine

MARCH 15, 2023

Cybersecurity vendor Palo Alto has announced new software-defined wide area network (SD-WAN) features in its Prisma SASE solution for IoT device security and to help customers meet industry-specific security compliance requirements. To read this article in full, please click here

IoT

IoT Phishing Software Cybersecurity

IoT devices have serious security deficiencies due to bad random number generation

CSO Magazine

AUGUST 13, 2021

To read this article in full, please click here These are used for authentication, encryption, access control and many other aspects of modern security and they all require cryptographically secure random numbers -- sequences of numbers or symbols that are chosen in a way that's unpredictable by an attacker.

CSO

CSO IoT Encryption Authentication

GAO warns government agencies: focus on IoT and OT within critical infrastructure

CSO Magazine

DECEMBER 15, 2022

The US Government Accounting Office (GAO) continues to highlight shortcomings in the cybersecurity posture of government entities responsible for the protection of United States infrastructure when it comes to internet of things (IoT) and operational technology (OT) devices and systems. To read this article in full, please click here

IoT

IoT Government Internet Internet

Securing the International IoT Supply Chain

Using Hacked IoT Devices to Disrupt the Power Grid

Trending Sources

Cataloging IoT Vulnerabilities

On IoT Devices and Software Liability

The UK Bans Default Passwords

Securing the Internet of Things through Class-Action Lawsuits

DDoS 2.0: IoT Sparks New DDoS Alert

Last Watchdog’s IoT and ‘zero trust’ coverage win MVP awards from Information Management Today

Top IoT Security Solutions of 2021

Patch now! The Mirai IoT botnet is exploiting TP-Link routers

End-to-End IoT Device Security: What You Need to Know

HomePwn: Swiss Army Knife for Penetration Testing of IoT Devices

Microsoft includes IoT devices under its Secured-core program

Lousy IoT Security

Portnox adds IoT fingerprinting to network access control service

IoT Botnet Linked to Large-scale DDoS Attacks Since the End of 2024

BrandPost: Securing IoT: Best Practices for Retailers

How a new generation of IoT botnets is amplifying DDoS attacks

The Future of P2P IoT Botnets

S4x23 Review Part 4: Cybersecurity for Industrial IoT

Inrupt’s Solid Announcement

Palo Alto Networks looks to shore up healthcare IoT security

Inside Water Barghest’s Rapid Exploit-to-Market Strategy for IoT Devices

New TCP/IP Vulnerabilities Expose IoT, OT Systems

New Linux Cryptomining Malware

Protecting Oil and Gas Industry Infrastructure: Strategies for Resilience

CrowdStrike expands Falcon platform with XDR for IoT assets

How to Secure IoT Devices

Protecting IoT Connected Devices Makes the Internet Safer

New Mirai botnet variant V3G4 targets Linux servers, IoT devices

How Will 5G Technology Alter IoT Security And How Can We Prepare?

Unfixed vulnerability in popular library puts IoT products at risk

IoT, connected devices biggest contributors to expanding application attack surface

Hacked Robot Vacuums Hurl Racial Slurs, Show IoT Devices Risks

The Evolution of IoT Linux Malware Based on MITRE ATT&CK TTPs

Five Interesting Israeli CyberSecurity Companies

Default static key in ThingsBoard IoT platform can give attackers admin access

oneM2M IoT security specifications granted ITU approval

Does Home IoT Compromise Enterprise Security?

Security by design vital to protecting IoT, smart cities around the world, says CEO of UK NCSC

Dynamic analysis of firmware components in IoT devices

Palo Alto announces new SD-WAN features for IoT security, compliance support

IoT devices have serious security deficiencies due to bad random number generation

GAO warns government agencies: focus on IoT and OT within critical infrastructure

Stay Connected