InfoSec and IoT - Cyber Security Informer

Daniel Miessler on My Writings about IoT Security

Schneier on Security

JANUARY 9, 2018

Daniel Miessler criticizes my writings about IoT security: I know it's super cool to scream about how IoT is insecure, how it's dumb to hook up everyday objects like houses and cars and locks to the internet, how bad things can get, and I know it's fun to be invited to talk about how everything is doom and gloom. Yes, definitely.

IoT

IoT InfoSec Risk Internet

Weekly Update 206

Troy Hunt

AUGUST 28, 2020

Having said that, some parts have been hard because I've made simple mistakes , but the nature of the IoT ecosystem as it stands today predisposes you to mistakes because there's so freakin' many moving parts that all need to be aligned. More on that in the video, plus some actual infosec content too! More on all of that next week ??

InfoSec

InfoSec IoT Passwords

State of Cybersecurity in Canada 2025: Key Insights for InfoSec Leaders

SecureWorld News

FEBRUARY 5, 2025

Supply chain and cloud misconfigurations are weak links 82% of breaches stem from IoT and cloud misconfigurations, exposing businesses to cascading failures. Nation-state actors from China, Russia, and Iran are leveraging Advanced Persistent Threats (APTs) for espionage and infrastructure sabotage.

InfoSec

InfoSec Energy and Utilities Cybersecurity Education

Weekly Update 293

Troy Hunt

APRIL 30, 2022

Didn't get a lot done this week, unless you count scuba diving, snorkelling, spear fishing and laying around on tropical sand cays 😎 This week is predominantly about the time we just spent up on the Great Barrier Reef which has very little relevance to infosec, IoT, 3D printing and the other usual topics.

InfoSec

InfoSec IoT

Hacking IoT & RF Devices with BürtleinaBoard

Security Affairs

JULY 28, 2020

How to hack IoT & RF Devices with BürtleinaBoard. Few months ago I have presented #FocacciaBoard : a similar multipurpose breakout board that uses the famous FT232H to handle multiple protocols commonly found in (I)IoT devices (i.e. The post Hacking IoT & RF Devices with BürtleinaBoard appeared first on Security Affairs.

IoT

IoT Hacking Firmware Advertising

US Helped Ukraine With Infosec—Story is ‘Dangerous Arrogance’

Security Boulevard

MARCH 10, 2022

The post US Helped Ukraine With Infosec—Story is ‘Dangerous Arrogance’ appeared first on Security Boulevard. But scratch the surface and there’s not much of a There there. What looks like a coordinated PR campaign relies on “people familiar with the.

InfoSec

InfoSec Media Hacking Social Engineering

Bot list with Telnet credentials for more than 500,000 servers and IoT devices leaked online

Security Affairs

JANUARY 19, 2020

The availability online of a new collection of Telnet credentials for more than 500,000 servers, routers, and IoT devices made the headlines. In August 2017, security researchers Ankit Anubhav found a list of more than 1,700 valid Telnet credentials for IoT devices online. 33000+ telnet credentials of IoT devices exposed on pastebin.

IoT

IoT DDOS InfoSec Internet

7 Old IT Things Every New InfoSec Pro Should Know

Dark Reading

APRIL 20, 2021

Beneath all those containers and IoT devices, there's a rich patchwork of gear, protocols, and guidelines that have been holding it together since before you were born. Knowledge of those fundamentals is growing more valuable, not less.

InfoSec

InfoSec IoT

5 Fundamental But Effective IoT Device Security Controls

Threatpost

APRIL 23, 2021

Matt Dunn, the associate managing director for cyber-risk at Kroll, discusses how to keep networks safe from insecure IoT devices.

IoT

IoT Cyber Risk Risk InfoSec

IoT Security Checklist

Security Boulevard

MAY 27, 2021

Internet-connected devices, collectively known as the Internet of Things or IoT, can provide opportunities for attackers to access your network–and as a result, devices more sensitive than your lightbulbs. The post IoT Security Checklist appeared first on Hurricane Labs. The post IoT Security Checklist appeared first on Hurricane Labs.

IoT

IoT Manufacturing Internet Internet

Hacking IoT devices with Focaccia-Board: A Multipurpose Breakout Board to hack hardware in a clean and easy way!

Security Affairs

FEBRUARY 18, 2020

Even before the appearance of the word (I)IoT, I was breaking hardware devices, as many of you, with a multitude of debuggers (i.e. But it saves my time while hacking (I)IoT targets. SecurityAffairs – hacking IoT, Focaccia board). stlink, jlink, RS23–2-2USB, etc.). Note: this is not wired with the FT232H anyhow, is up to you.

IoT

IoT Hacking Firmware Advertising

"Pwned", the Book, is Finally Here!

Troy Hunt

SEPTEMBER 8, 2022

Captivating stuff, apart from infosec, you really feel as though you’ve been taken on a journey with Troy through the years of living in paradise a.k.a. Plenty of tech, data breaches, career hacks, IoT, Cloud, password management, application security, and more, delivered in a fun way. This book has it all.

InfoSec

InfoSec Password Management Passwords IoT

ISO/IEC 27400 IoT security and privacy standard published

Notice Bored

JUNE 13, 2022

To celebrate the publication of ISO/IEC 27400:2022 today, we have slashed the price for our IoT security policy templates to just $10 each through SecAware.com. IoT policy is the first of the basic security controls shown on the 'risk-control spectrum' diagram above, and is Control-01 in the new standard.

IoT

IoT Manufacturing Risk Information Security

DEF CON 29 Main Stage – Dan Petro’s ‘You’re Doing IoT RNG’

Security Boulevard

SEPTEMBER 5, 2021

The post DEF CON 29 Main Stage – Dan Petro’s ‘You’re Doing IoT RNG’ appeared first on Security Boulevard. Our thanks to DEFCON for publishing their outstanding DEFCON Conference Main Stage Videos on the groups' YouTube channel.

IoT

IoT Education InfoSec Information Security

Experts Bemoan Shortcomings with IoT Security Bill

Threatpost

SEPTEMBER 13, 2018

The infosec community say a recently approved IoT security bill is "nice," but doesn't hit on the important issues.

IoT

IoT InfoSec DDOS Passwords

Hackers Could Cause ‘Fake Earthquakes’ by Exploiting Vulnerable Seismic Equipment, Researchers Warn

Hot for Security

FEBRUARY 16, 2021

Seismic monitoring equipment is vulnerable to common cybersecurity threats like those faced by IoT devices, a new research paper warns. “It seems that most seismologists and network operators are unaware of the vulnerabilities of their IoT devices, and the potential risk that their monitoring networks are exposed to,” said Samios.

IoT

IoT InfoSec Data collection Encryption

New certification program trains cyber pros in cloud, IoT and other emerging tech

SC Magazine

APRIL 21, 2021

A visitor looks at an IoT & 5G motherboard at the booth of STMicroelectronics during Electronica China 2021 at Shanghai New International Expo Centre on April 14, 2021 in Shanghai, China. The world of IoT is a vast one to learn for infosec practitioners, but ultimately it comes down to seeing them tiny computers, said Brewer.

IoT

IoT Technology Artificial Intelligence Software

Shifting Threats in a Changed World: Edge, IoT and Vaccine Fraud

Threatpost

MAY 11, 2021

Aamir Lakhani, researcher at FortiGuard Labs, discusses leading-edge threats related to edge access/browsers/IoT, and the COVID-19 vaccine, as a way of getting into larger organizations.

IoT

IoT InfoSec Malware

DEFCON 29 IoT Village – Sessler and Hendricks’ ‘IoT Devices As Government Witnesses’

Security Boulevard

NOVEMBER 21, 2021

Our thanks to DEFCON for publishing their outstanding DEF CON 29 IoT Village videos on the Conferences’ YouTube channel. The post DEFCON 29 IoT Village – Sessler and Hendricks’ ‘IoT Devices As Government Witnesses’ appeared first on Security Boulevard.

IoT

IoT Government Education InfoSec

5 Cybersecurity Trends to Watch in 2022

Threatpost

DECEMBER 29, 2021

Here’s what cybersecurity watchers want infosec pros to know heading into 2022. .

InfoSec

InfoSec Cybersecurity IoT Mobile

DEFCON 29 IoT Village – Tim Jensen’s ‘EapolSniper – IoT Testing Crash Course’

Security Boulevard

NOVEMBER 20, 2021

Our thanks to DEFCON for publishing their outstanding DEF CON 29 IoT Village videos on the Conferences’ YouTube channel. The post DEFCON 29 IoT Village – Tim Jensen’s ‘EapolSniper – IoT Testing Crash Course’ appeared first on Security Boulevard.

IoT

IoT Education InfoSec Information Security

News alert: Sternum and ChargePoint collaborate to enhance ChargePoint Home Flex Security

The Last Watchdog

JANUARY 22, 2024

23, 2024 — Sternum, the pioneer in embedded IoT security and observability, today announced enhanced security for the ChargePoint Home Flex. Thanks to the analysis and help of Sternum IoT, ChargePoint was able to correct weaknesses in CPH50, reduce the attack surface and thus improve the security of the product.

IoT

IoT InfoSec Firmware Manufacturing

DEFCON 29 IoT Village – Cheryl Biswas’ ‘Mind The Gap: Managing Insecurity In Enterprise IoT’

Security Boulevard

NOVEMBER 28, 2021

Our thanks to DEFCON for publishing their outstanding DEF CON 29 IoT Village videos on the Conferences’ YouTube channel. The post DEFCON 29 IoT Village – Cheryl Biswas’ ‘Mind The Gap: Managing Insecurity In Enterprise IoT’ appeared first on Security Boulevard.

IoT

IoT Education InfoSec Information Security

DEFCON 29 IoT Village – Amit Elazari’s, Anahit Tarkhanyan’s And Rita Cheruvu’s ‘Establishing IoT Trustworthiness’

Security Boulevard

NOVEMBER 28, 2021

Our thanks to DEFCON for publishing their outstanding DEF CON 29 IoT Village videos on the Conferences’ YouTube channel. The post DEFCON 29 IoT Village – Amit Elazari’s, Anahit Tarkhanyan’s And Rita Cheruvu’s ‘Establishing IoT Trustworthiness’ appeared first on Security Boulevard.

IoT

IoT Education InfoSec Information Security

DEFCON 29 IoT Village – Harshit Agrawal’s ‘Defending IoT In The Future Of High Tech Warfare’

Security Boulevard

NOVEMBER 27, 2021

Our thanks to DEFCON for publishing their outstanding DEF CON 29 IoT Village videos on the Conferences’ YouTube channel. The post DEFCON 29 IoT Village – Harshit Agrawal’s ‘Defending IoT In The Future Of High Tech Warfare’ appeared first on Security Boulevard.

IoT

IoT Education InfoSec Information Security

The Danger and Opportunity in 5G Connectivity and IoT

Threatpost

OCTOBER 22, 2018

The advent of 5G presents an opportunity for us to think the exploding number of IoT devices and how we securely connect to the digital world.

IoT

IoT Authentication Encryption InfoSec

DEFCON 29 IoT Village – Ted Harrington’s ‘When Penetration Testing Isn’t Penetration Testing At All’

Security Boulevard

NOVEMBER 21, 2021

Our thanks to DEFCON for publishing their outstanding DEF CON 29 IoT Village videos on the Conferences’ YouTube channel. The post DEFCON 29 IoT Village – Ted Harrington’s ‘When Penetration Testing Isn’t Penetration Testing At All’ appeared first on Security Boulevard.

Penetration Testing

Penetration Testing IoT Education InfoSec

DEFCON 29 IoT Village – Hutch’s ‘Alexa, Have You Been Compromised?’

Security Boulevard

NOVEMBER 26, 2021

Our thanks to DEFCON for publishing their outstanding DEF CON 29 IoT Village videos on the Conferences’ YouTube channel. The post DEFCON 29 IoT Village – Hutch’s ‘Alexa, Have You Been Compromised?’ ’ appeared first on Security Boulevard.

IoT

IoT Education InfoSec Information Security

DEFCON 29 IoT Village – Alexi Kojenov’s ‘I Used AppSec Skills To Hack IoT And So Can You’

Security Boulevard

NOVEMBER 19, 2021

Our thanks to DEFCON for publishing their outstanding DEF CON 29 IoT Village videos on the Conferences’ YouTube channel. The post DEFCON 29 IoT Village – Alexi Kojenov’s ‘I Used AppSec Skills To Hack IoT And So Can You’ appeared first on Security Boulevard.

IoT

IoT Hacking Education InfoSec

DEFCON 29 IoT Village – Ria Cheruvu’s ‘Ethics At The Edge’

Security Boulevard

NOVEMBER 22, 2021

Our thanks to DEFCON for publishing their outstanding DEF CON 29 IoT Village videos on the Conferences’ YouTube channel. The post DEFCON 29 IoT Village – Ria Cheruvu’s ‘Ethics At The Edge’ appeared first on Security Boulevard.

IoT

IoT Education InfoSec Information Security

I'm Testifying in Front of Congress in Washington DC about Data Breaches - What Should I Say?

Troy Hunt

NOVEMBER 21, 2017

Obviously, the work I've been doing with Have I Been Pwned (HIBP) has given me a heap of insight into this specific area of infosec over the last 4 years and the folks from DC felt my views on things might be helpful. That was all great and I was happy to share my thoughts from the other side of the world.

Data breaches

Data breaches InfoSec Backups IoT

DEFCON 29 IoT Village – Barak Hadad’s And Gal Kaufman’s ‘Reverse Supply Chain Attack’

Security Boulevard

NOVEMBER 27, 2021

Our thanks to DEFCON for publishing their outstanding DEF CON 29 IoT Village videos on the Conferences’ YouTube channel. The post DEFCON 29 IoT Village – Barak Hadad’s And Gal Kaufman’s ‘Reverse Supply Chain Attack’ appeared first on Security Boulevard.

IoT

IoT Education InfoSec Information Security

DEFCON 29 IoT Village – Juneau’s ‘Strategic Trust And Deception In The Internet Of Things’

Security Boulevard

NOVEMBER 24, 2021

Our thanks to DEFCON for publishing their outstanding DEF CON 29 IoT Village videos on the Conferences’ YouTube channel. The post DEFCON 29 IoT Village – Juneau’s ‘Strategic Trust And Deception In The Internet Of Things’ appeared first on Security Boulevard.

IoT

IoT Internet Internet Education

Stepping on the cracks

Notice Bored

MAY 24, 2021

T he recently-published ISO/IEC TS 27570 " Privacy guidelines for smart cities" neatly illustrates the creativity required to tackle new information risks arising from innovation in the realm of IoT, AI and short range data communications between the proliferating portable, wearable and mobile IT devices now roaming our city streets.

InfoSec

InfoSec Risk IoT Information Security

DEFCON 29 IoT Village – Ross’ And Balazs’ – ‘MIPS X: The Next IoT Frontier’

Security Boulevard

NOVEMBER 22, 2021

Our thanks to DEFCON for publishing their outstanding DEF CON 29 IoT Village videos on the Conferences’ YouTube channel. The post DEFCON 29 IoT Village – Ross’ And Balazs’ – ‘MIPS X: The Next IoT Frontier’ appeared first on Security Boulevard.

IoT

IoT Education InfoSec Information Security

DEFCON 29 IoT Village – Jay Balan’s ‘5 Years Of IoT Vulnerability Research And Countless 0Days’

Security Boulevard

NOVEMBER 26, 2021

Our thanks to DEFCON for publishing their outstanding DEF CON 29 IoT Village videos on the Conferences’ YouTube channel. The post DEFCON 29 IoT Village – Jay Balan’s ‘5 Years Of IoT Vulnerability Research And Countless 0Days’ appeared first on Security Boulevard.

IoT

IoT Education InfoSec Information Security

DEF CON 29 Biohacking Village – Aaron Guzman’s ‘OWASP & CSA IoT Impacting Medical Security’

Security Boulevard

OCTOBER 3, 2021

The post DEF CON 29 Biohacking Village – Aaron Guzman’s ‘OWASP & CSA IoT Impacting Medical Security’ appeared first on Security Boulevard. Our thanks to DEFCON for publishing their tremendous DEFCON Conference Biohacking Village videos on the groups' YouTube channel.

IoT

IoT Education InfoSec Information Security

DEFCON 29 IoT Village – Dan Petro’s And Allan Cecil’s ‘You’re Doing IoT RNG’

Security Boulevard

NOVEMBER 23, 2021

Our thanks to DEFCON for publishing their outstanding DEF CON 29 IoT Village videos on the Conferences’ YouTube channel. The post DEFCON 29 IoT Village – Dan Petro’s And Allan Cecil’s ‘You’re Doing IoT RNG’ appeared first on Security Boulevard.

IoT

IoT Education InfoSec Information Security

Domotics - a can-o-worms

Notice Bored

APRIL 12, 2022

This morning, I’ve been browsing and thinking about ISO/IEC 27403 , a draft ISO27k standard on the infosec and privacy aspects of “domotics” i.e. IoT things at home. IoT things are generally just black-boxes. smart heating controls, door locks and cat feeders). Security monitoring and management (e.g.

IoT

IoT InfoSec Risk Security Awareness

US Hacker ‘P4x’ Gets Back at Pyongyang (but We Smell a Rat)

Security Boulevard

FEBRUARY 3, 2022

An infosec researcher was hacked by North Korea. law enforcement did nothing, so he took matters into his own hands. The post US Hacker ‘P4x’ Gets Back at Pyongyang (but We Smell a Rat) appeared first on Security Boulevard.

InfoSec

InfoSec Hacking Social Engineering IoT

DEFCON 29 IoT Village – Victor Hanna’s ‘LED Light Lunacy’

Security Boulevard

NOVEMBER 20, 2021

Our thanks to DEFCON for publishing their outstanding DEF CON 29 IoT Village videos on the Conferences’ YouTube channel. The post DEFCON 29 IoT Village – Victor Hanna’s ‘LED Light Lunacy’ appeared first on Security Boulevard.

IoT

IoT Education InfoSec Information Security

Kingston Technology Wins Coveted Global InfoSec Awards During RSA Conference 2021

CyberSecurity Insiders

MAY 22, 2021

a world leader in memory products and technology solutions, is proud to announce it has won the following Global InfoSec Awards for its encrypted USB solutions family from Cyber Defense Magazine (CDM), the industry’s leading electronic information magazine: Data Loss Prevention Market Leader. “We About CDM InfoSec Awards.

InfoSec

InfoSec Technology Encryption Marketing

DEFCON 29 IoT Village – Chloé Messdaghi’s and Camille Eddy’s ‘Representation Matters’

Security Boulevard

NOVEMBER 23, 2021

Our thanks to DEFCON for publishing their outstanding DEF CON 29 IoT Village videos on the Conferences’ YouTube channel. The post DEFCON 29 IoT Village – Chloé Messdaghi’s and Camille Eddy’s ‘Representation Matters’ appeared first on Security Boulevard.

IoT

IoT Education InfoSec Information Security

Security BSides Athens 2022 – Brian Contos’ ‘Talk 1 – Cameras, CACs & Clocks: Enterprise IoT Security Sucks – A Story of Two Million Interrogated Production IoT Devices’

Security Boulevard

JULY 2, 2022

The post Security BSides Athens 2022 – Brian Contos’ ‘Talk 1 – Cameras, CACs & Clocks: Enterprise IoT Security Sucks – A Story of Two Million Interrogated Production IoT Devices’ appeared first on Security Boulevard.

IoT

IoT Education InfoSec Cybersecurity

Daniel Miessler on My Writings about IoT Security

Weekly Update 206

Trending Sources

State of Cybersecurity in Canada 2025: Key Insights for InfoSec Leaders

Weekly Update 293

Hacking IoT & RF Devices with BürtleinaBoard

US Helped Ukraine With Infosec—Story is ‘Dangerous Arrogance’

Bot list with Telnet credentials for more than 500,000 servers and IoT devices leaked online

7 Old IT Things Every New InfoSec Pro Should Know

5 Fundamental But Effective IoT Device Security Controls

IoT Security Checklist

Hacking IoT devices with Focaccia-Board: A Multipurpose Breakout Board to hack hardware in a clean and easy way!

"Pwned", the Book, is Finally Here!

ISO/IEC 27400 IoT security and privacy standard published

DEF CON 29 Main Stage – Dan Petro’s ‘You’re Doing IoT RNG’

Experts Bemoan Shortcomings with IoT Security Bill

Hackers Could Cause ‘Fake Earthquakes’ by Exploiting Vulnerable Seismic Equipment, Researchers Warn

New certification program trains cyber pros in cloud, IoT and other emerging tech

Shifting Threats in a Changed World: Edge, IoT and Vaccine Fraud

DEFCON 29 IoT Village – Sessler and Hendricks’ ‘IoT Devices As Government Witnesses’

5 Cybersecurity Trends to Watch in 2022

DEFCON 29 IoT Village – Tim Jensen’s ‘EapolSniper – IoT Testing Crash Course’

News alert: Sternum and ChargePoint collaborate to enhance ChargePoint Home Flex Security

DEFCON 29 IoT Village – Cheryl Biswas’ ‘Mind The Gap: Managing Insecurity In Enterprise IoT’

DEFCON 29 IoT Village – Amit Elazari’s, Anahit Tarkhanyan’s And Rita Cheruvu’s ‘Establishing IoT Trustworthiness’

DEFCON 29 IoT Village – Harshit Agrawal’s ‘Defending IoT In The Future Of High Tech Warfare’

The Danger and Opportunity in 5G Connectivity and IoT

DEFCON 29 IoT Village – Ted Harrington’s ‘When Penetration Testing Isn’t Penetration Testing At All’

DEFCON 29 IoT Village – Hutch’s ‘Alexa, Have You Been Compromised?’

DEFCON 29 IoT Village – Alexi Kojenov’s ‘I Used AppSec Skills To Hack IoT And So Can You’

DEFCON 29 IoT Village – Ria Cheruvu’s ‘Ethics At The Edge’

I'm Testifying in Front of Congress in Washington DC about Data Breaches - What Should I Say?

DEFCON 29 IoT Village – Barak Hadad’s And Gal Kaufman’s ‘Reverse Supply Chain Attack’

DEFCON 29 IoT Village – Juneau’s ‘Strategic Trust And Deception In The Internet Of Things’

Stepping on the cracks

DEFCON 29 IoT Village – Ross’ And Balazs’ – ‘MIPS X: The Next IoT Frontier’

DEFCON 29 IoT Village – Jay Balan’s ‘5 Years Of IoT Vulnerability Research And Countless 0Days’

DEF CON 29 Biohacking Village – Aaron Guzman’s ‘OWASP & CSA IoT Impacting Medical Security’

DEFCON 29 IoT Village – Dan Petro’s And Allan Cecil’s ‘You’re Doing IoT RNG’

Domotics - a can-o-worms

US Hacker ‘P4x’ Gets Back at Pyongyang (but We Smell a Rat)

DEFCON 29 IoT Village – Victor Hanna’s ‘LED Light Lunacy’

Kingston Technology Wins Coveted Global InfoSec Awards During RSA Conference 2021

DEFCON 29 IoT Village – Chloé Messdaghi’s and Camille Eddy’s ‘Representation Matters’

Security BSides Athens 2022 – Brian Contos’ ‘Talk 1 – Cameras, CACs & Clocks: Enterprise IoT Security Sucks – A Story of Two Million Interrogated Production IoT Devices’

Stay Connected