CSO and IoT - Cyber Security Informer

IoT devices have serious security deficiencies due to bad random number generation

CSO Magazine

AUGUST 13, 2021

Get the latest from CSO by signing up for our newsletters. ] These are used for authentication, encryption, access control and many other aspects of modern security and they all require cryptographically secure random numbers -- sequences of numbers or symbols that are chosen in a way that's unpredictable by an attacker.

CSO

CSO IoT Encryption Authentication

Microsoft includes IoT devices under its Secured-core program

CSO Magazine

JUNE 22, 2022

Addressing security concerns associated with the growing momentum for edge computing , Microsoft is making its Edge Secured-core program for Windows-based IoT devices generally available. While support for Windows 10 IoT is generally available, it is still in preview for Linux.

IoT

Episode 250: Window Snyder of Thistle on Making IoT Security Easy

The Security Ledger

MAY 13, 2023

In this episode of the podcast, I speak with Window Snyder, the founder and CEO of Thistle Technologies about the (many) security challenges facing Internet of Things (IoT) devices and her idea for making things better: Thistle’s platform for secure development and deployment of IoT devices. Read the whole entry. »

IoT

IoT Internet Internet Technology

Portnox adds IoT fingerprinting to network access control service

CSO Magazine

OCTOBER 12, 2022

Network security firm Portnox on Wednesday announced it is adding IoT fingerprinting features to the Portnox Cloud NAC-as-a-Service to allow companies to more easily identify and authorize devices on their networks.

IoT

IoT Network Security

BrandPost: Securing IoT: Best Practices for Retailers

CSO Magazine

NOVEMBER 30, 2021

Without a doubt, one of the most game-changing innovations is the Internet of Things (IoT). Industry analyst firm IDC expects there will be over 41 billion connected IoT devices by 2025. In particular, the retail sector is increasingly using IoT technology to personalize the customer experience and digitization.

Retail

Retail IoT Internet Internet

What is physical security? How to keep your facilities and devices safe from on-site attackers

CSO Magazine

AUGUST 4, 2021

Get the latest from CSO by signing up for our newsletters. ]. All the firewalls in the world can’t help you if an attacker removes your storage media from the storage room. Learn what you need to know about defending critical infrastructure. |

Artificial Intelligence

Artificial Intelligence CSO IoT Firewall

Palo Alto Networks looks to shore up healthcare IoT security

CSO Magazine

DECEMBER 5, 2022

Palo Alto Networks today rolled out a new Medical IoT Security offering, designed to provide improved visibility, automated monitoring and more for hitherto vulnerable healthcare IoT frameworks, thanks to machine learning and adherence to zero trust principles.

Healthcare

Healthcare IoT

How a new generation of IoT botnets is amplifying DDoS attacks

CSO Magazine

APRIL 25, 2022

His friend wanted to see how fast Mirai , a novel internet of things (IoT) botnet installer, would take over a Linux-based DVR camera recorder that was popular with medium-size businesses. It was late fall in 2016 when a fellow researcher joined him at the InGuardians lab, where he is director of research.

DDOS

DDOS IoT Internet Internet

CrowdStrike expands Falcon platform with XDR for IoT assets

CSO Magazine

APRIL 11, 2023

Cybersecurity vendor CrowdStrike has announced the release of new extended detection and response (XDR) capabilities within its Falcon platform to secure extended internet of things (XIoT) assets including IoT, Industrial IoT, OT, and medical devices. To read this article in full, please click here

IoT

IoT Internet Internet Risk

IoT security strategy from those who use connected devices

CSO Magazine

OCTOBER 21, 2022

IoT devices pose significant threats to enterprises because of lack of visibility into what devices are on enterprise networks and inadequate use of monitoring tools to watch for malicious behaviors.

IoT

Serious flaws in widespread embedded TCP/IP stack endanger industrial control devices

CSO Magazine

AUGUST 3, 2021

Get the latest from CSO by signing up for our newsletters. ]. This is highlighted by the findings over the past year of researchers from Forescout Research Labs and JFrog Security Research, who have investigated the TCP/IP stacks used in a variety of IoT and other embedded systems. Patching is not always an option.

CSO

CSO IoT Software

Securing the edge: 4 trends to watch

CSO Magazine

OCTOBER 12, 2021

Edge computing is a model where organizations, instead of relying solely on centralized datacenters, distribute processing and storage capacities closer to where the data is generated—IoT devices for instance—and to the users and applications consuming the data. Get the latest from CSO by signing up for our newsletters. ]

CSO

CSO IoT

New Mirai botnet variant V3G4 targets Linux servers, IoT devices

CSO Magazine

FEBRUARY 17, 2023

A new variant of Mirai — the botnet malware used to launch massive DDoS attacks —has been targeting 13 vulnerabilities in IoT devices connected to Linux servers, according to researchers at Palo Alto Network’s Unit 42 cybersecurity team.

IoT

IoT DDOS Malware Cybersecurity

Outdated IoT healthcare devices pose major security threats

CSO Magazine

JANUARY 31, 2022

More than half (53%) of the IoT (internet of things) and internet of medical things (IoMT) devices used in healthcare contain critical cybersecurity risks, according to The State of IoMT Device Security report by Cynerio, which analyzed devices from more than 300 hospitals in the US.

IoT

IoT Healthcare Internet Internet

IoT, connected devices biggest contributors to expanding application attack surface

CSO Magazine

JANUARY 31, 2023

The growth of the internet of things (IoT) and connected devices are the biggest contributing factors to organizations’ expanding attack surfaces.

IoT

IoT Marketing Internet Internet

Remote work raises threats from consumer IoT devices

CSO Magazine

FEBRUARY 2, 2021

Security researcher Andrei Costin started to work from home many years ago, and when it comes to security internet of things (IoT) devices, he had his fair share of eyebrow-raising moments.

IoT

IoT Firmware Internet Internet

Flaws in widely used dnsmasq software leave millions of Linux-based devices exposed

CSO Magazine

JANUARY 19, 2021

Security researchers have found several serious vulnerabilities in dnsmasq, a utility used in many Linux-based systems, especially routers and other IoT devices, to provide DNS services. Sign up for CSO newsletters. ]. To read this article in full, please click here

DNS

DNS CSO IoT Software

oneM2M IoT security specifications granted ITU approval

CSO Magazine

MAY 3, 2023

The ITU Telecommunication Standardization Sector (ITU-T) has approved a set of security specifications for internet of things (IoT) systems. The oneM2M specifications define a common set of IoT service functions to enable secure data exchange and information interoperability across different vertical sectors, service providers, and use cases.

IoT

IoT Telecommunications Technology Internet

Default static key in ThingsBoard IoT platform can give attackers admin access

CSO Magazine

APRIL 6, 2023

Developers of ThingsBoard, an open-source platform for managing IoT devices that's used in various industry sectors, have fixed a vulnerability that could allow attackers to escalate their privileges on a server and send requests with administrative privileges.

IoT

Akamai CSO Talks Cryptominers, IoT and the Reemergence of Old Threats

Threatpost

APRIL 20, 2018

Andy Ellis, CSO Akamai, discusses how the company works with others within the cybersecurity landscape to help keep the internet safe.

CSO

CSO IoT Internet Internet

Security by design vital to protecting IoT, smart cities around the world, says CEO of UK NCSC

CSO Magazine

OCTOBER 24, 2022

A secure by design approach is vital to protecting the internet of things (IoT) and smart cities, according to Lindy Cameron, CEO of the UK National Cyber Security Centre (NCSC). Growth of IoT giving rise to increased security threats.

IoT

IoT Technology Internet Internet

Palo Alto announces new SD-WAN features for IoT security, compliance support

CSO Magazine

MARCH 15, 2023

Cybersecurity vendor Palo Alto has announced new software-defined wide area network (SD-WAN) features in its Prisma SASE solution for IoT device security and to help customers meet industry-specific security compliance requirements.

IoT

IoT Phishing Software Cybersecurity

GAO warns government agencies: focus on IoT and OT within critical infrastructure

CSO Magazine

DECEMBER 15, 2022

The US Government Accounting Office (GAO) continues to highlight shortcomings in the cybersecurity posture of government entities responsible for the protection of United States infrastructure when it comes to internet of things (IoT) and operational technology (OT) devices and systems.

IoT

IoT Government Internet Internet

Flaws in industrial wireless IoT solutions can give attackers deep access into OT networks

CSO Magazine

FEBRUARY 10, 2023

These connectivity solutions, also referred to as industrial wireless IoT devices, increase the attack surface of OT networks and can provide remote attackers with a shortcut into previously segmented network segments that contain critical controllers.

Wireless

Wireless IoT Technology Cybersecurity

BusyBox flaws highlight need for consistent IoT updates

CSO Magazine

NOVEMBER 10, 2021

Security researchers have found and reported 14 vulnerabilities in the BusyBox userspace tool that's used in millions of embedded devices running Linux-based firmware. While the flaws don't have high criticality, some of them do have the potential to result in remote code execution (RCE).

IoT

IoT Firmware Software

Known Vulnerabilities Drove Most Cyberattacks in 2022

Security Boulevard

MARCH 3, 2023

The data highlights that long-known vulnerabilities frequently cause more destruction than the shiny new ones,” Bob Huber, CSO and head of research, Tenable, said in a release detailing the findings in. The post Known Vulnerabilities Drove Most Cyberattacks in 2022 appeared first on Security Boulevard.

CSO

CSO IoT Malware Cybersecurity

Edge computing: The architecture of the future

CSO Magazine

OCTOBER 12, 2021

To fully digitize the last mile of business, you need to distribute compute power where it's needed most -- right next to IoT devices that collect data from the real world.

Architecture

Architecture IoT

BrandPost: Cybersecurity Steps for the Energy and Utilities Industry

CSO Magazine

NOVEMBER 30, 2021

Without a doubt, one of the most game-changing innovations is the Internet of Things (IoT). Industry analyst firm IDC expects there will be over 41 billion connected IoT devices by 2025. The exponential growth of IoT devices in the energy and utilities industry has greatly increased the need to focus on cybersecurity.

Energy and Utilities

Energy and Utilities Cybersecurity IoT Financial Services

Episode 251: Kry10 CEO Boyd Multerer on building a secure OS for the IoT

The Security Ledger

JUNE 29, 2023

The post Episode 251: Kry10 CEO Boyd Multerer on building a secure OS for the IoT appeared first on The Security Ledger with Paul F. Related Stories Episode 250: Window Snyder of Thistle on Making IoT Security Easy Forget the IoT. billion active IoT endpoints. Click the icon below to listen.

IoT

IoT Internet Internet CSO

How Machine Identities Can Imperil Enterprise Security

eSecurity Planet

OCTOBER 18, 2021

Machine identities now outnumber humans in enterprises, according to Nathanael Coffing, co-founder and CSO of Cloudentity. Coffing notes that the recently discovered ThroughTek Kalay vulnerability compromised 83 million IoT devices , which better machine identity management could have prevented. This should come as no surprise.

IoT

IoT Risk Architecture CSO

Linux malware is on the rise—6 types of attacks to look for

CSO Magazine

MAY 30, 2022

It is the host operating system for numerous application backends and servers and powers a wide variety of internet of things (IoT) devices. Linux is a coveted target. Still, not enough is done to protect the machines running it.

Malware

Malware IoT Internet Internet

6 top vulnerability management tools and how they help prioritize threats

CSO Magazine

JUNE 7, 2022

Today there are systems on-premises, IoT devices, public and private clouds, and substantially more custom applications. Not only has vulnerability management changed considerably over the years, but so have the systems on which enterprise security teams must identify and patch.

IoT

The race to secure 5G

CSO Magazine

MARCH 26, 2021

The combination of IoT, 5G, cloud, data analytics, quantum computing, and AI paves the way for new and improved products and services in the energy, transportation, manufacturing, healthcare and logistics industries, to name a few.

Manufacturing

Manufacturing IoT Healthcare

How to build a zero trust ecosystem

SC Magazine

MAY 19, 2021

Internet of Things (IoT), industrial control systems, operational technology has made securing connected devices more challenging as the entry points on networks have increased tremendously and introduced more opportunities for vulnerabilities with insecure communication protocols and configurations. James Carder, LogRhythm CSO.

CISO

CISO CSO Architecture IoT

Barracuda report: Almost everyone faced an industrial attack in the last year

CSO Magazine

JULY 12, 2022

A report commissioned by cloud security company Barracuda found that 94% of respondents have experienced some form of attack on their industrial IoT (IIoT) or operational technology (OT) systems during the last 12 months.

IoT

IoT Technology Risk

New Magnet Forensics app automates, coordinates cybersecurity response

CSO Magazine

FEBRUARY 11, 2022

Magnet Forensics has a track record for developing investigation software for the processing of evidence from computers, mobile devices, IoT devices and cloud services, and has had a strong user base among law enforcement and government agencies.

Cybersecurity

Cybersecurity IoT Data breaches Mobile

BrandPost: The Future of Machine Learning in Cybersecurity

CSO Magazine

FEBRUARY 15, 2023

Many organizations today possess a growing number of Internet of Things (IoT) devices that aren’t all known or managed by IT. Why Machine Learning Has Become Vital for Cybersecurity The need for machine learning has to do with complexity. All data and applications aren’t running on-premises, as hybrid and multicloud are the new normal.

Cybersecurity

Cybersecurity Big data IoT Internet

Episode 253: DevSecOps Worst Practices With Tanya Janca of We Hack Purple

The Security Ledger

OCTOBER 4, 2023

Read the whole entry. » » Click the icon below to listen. Video Podcast ] | [ MP3 ] | [ Transcript ] Editor’s note: since recording this conversation with Tanya, We Hack Purple was acquired by Semgrep , where Tanya Janca in now the Head of Community and Education.

Hacking

Hacking CSO Education IoT

Are Ukraine’s drone capabilities being throttled in Russia-Ukraine conflict?

CSO Magazine

MARCH 11, 2022

Volodymyr Shymanskyy, co-founder of Blynk IoT Platform, made the claims on Twitter. Chinese drone producer DJI Global has been accused of limiting the capabilities of its AeroScope technology for the Ukrainian army, giving a significant air reconnaissance edge to Russian invaders amid the Russia-Ukraine conflict.

IoT

IoT Technology

BrandPost: How to Integrate Threat and Vulnerability Management into Security Operations

CSO Magazine

APRIL 14, 2022

Organizations are adopting threat exposure management techniques to manage business risks stemming from developing and applying technology such as Internet of Things (IoT) connectivity, quantum computing, and augmented reality.

IoT

IoT Technology Internet Internet

Cybersecurity First: #BeCyberSmart at Work and Home

Security Through Education

OCTOBER 27, 2021

In fact, the IoT market was due to reach 31 billion connected devices in 2020 and is estimated to reach 75 billion IoT devices by 2025. Typically, corporate networks are equipped with firewalls, a Chief Security Officer (CSO), and a whole cybersecurity department to keep them safe.

Cybersecurity

Cybersecurity Social Engineering Firewall Engineering

Growing number of endpoint security tools overwhelm users, leaving devices unprotected

CSO Magazine

FEBRUARY 8, 2023

Between the ongoing influence of remote work and IoT, the number and diversity of devices that have to be managed by endpoint security tools is on the rise. As a consequence, the number of available tools to manage them has also risen.

IoT

IoT Technology Cybersecurity

Camera tricks: Privacy concerns raised after massive surveillance cam breach

SC Magazine

MARCH 10, 2021

It is likely that the [role-based access control] frameworks is easier to design and implement for software systems, but when it comes to OT/IoT devices, wrong assumptions are made around how the devices will be accessed and how limited the access to these devices is. “This is a design failure,” agreed Kulkarni. “It

Surveillance

Surveillance IoT Accountability Passwords

NIST's new cyber-resiliency guidance: 3 steps for getting started

CSO Magazine

FEBRUARY 1, 2022

Some metrics rate the broader IoT ecosystem to be over 12 billion devices. We’re living in a time of unprecedented connectivity. Nearly everything you can think of is already or will soon be connected to networks and the internet. At the same time, we are living in a digitally driven economy.

IoT

IoT Internet Internet Accountability

IoT devices have serious security deficiencies due to bad random number generation

Microsoft includes IoT devices under its Secured-core program

Trending Sources

Episode 250: Window Snyder of Thistle on Making IoT Security Easy

Portnox adds IoT fingerprinting to network access control service

BrandPost: Securing IoT: Best Practices for Retailers

What is physical security? How to keep your facilities and devices safe from on-site attackers

Palo Alto Networks looks to shore up healthcare IoT security

How a new generation of IoT botnets is amplifying DDoS attacks

CrowdStrike expands Falcon platform with XDR for IoT assets

IoT security strategy from those who use connected devices

Serious flaws in widespread embedded TCP/IP stack endanger industrial control devices

Securing the edge: 4 trends to watch

New Mirai botnet variant V3G4 targets Linux servers, IoT devices

Outdated IoT healthcare devices pose major security threats

IoT, connected devices biggest contributors to expanding application attack surface

Remote work raises threats from consumer IoT devices

Flaws in widely used dnsmasq software leave millions of Linux-based devices exposed

oneM2M IoT security specifications granted ITU approval

Default static key in ThingsBoard IoT platform can give attackers admin access

Akamai CSO Talks Cryptominers, IoT and the Reemergence of Old Threats

Security by design vital to protecting IoT, smart cities around the world, says CEO of UK NCSC

Palo Alto announces new SD-WAN features for IoT security, compliance support

GAO warns government agencies: focus on IoT and OT within critical infrastructure

Flaws in industrial wireless IoT solutions can give attackers deep access into OT networks

BusyBox flaws highlight need for consistent IoT updates

Known Vulnerabilities Drove Most Cyberattacks in 2022

Edge computing: The architecture of the future

BrandPost: Cybersecurity Steps for the Energy and Utilities Industry

Episode 251: Kry10 CEO Boyd Multerer on building a secure OS for the IoT

How Machine Identities Can Imperil Enterprise Security

Linux malware is on the rise—6 types of attacks to look for

6 top vulnerability management tools and how they help prioritize threats

The race to secure 5G

How to build a zero trust ecosystem

Barracuda report: Almost everyone faced an industrial attack in the last year

New Magnet Forensics app automates, coordinates cybersecurity response

BrandPost: The Future of Machine Learning in Cybersecurity

Episode 253: DevSecOps Worst Practices With Tanya Janca of We Hack Purple

Are Ukraine’s drone capabilities being throttled in Russia-Ukraine conflict?

BrandPost: How to Integrate Threat and Vulnerability Management into Security Operations

Cybersecurity First: #BeCyberSmart at Work and Home

Growing number of endpoint security tools overwhelm users, leaving devices unprotected

Camera tricks: Privacy concerns raised after massive surveillance cam breach

NIST's new cyber-resiliency guidance: 3 steps for getting started

Stay Connected