Internet and IoT - Cyber Security Informer

IoT Devices in Password-Spraying Botnet

Schneier on Security

NOVEMBER 6, 2024

Microsoft is warning Azure cloud users that a Chinese controlled botnet is engaging in “highly evasive” password spraying. ” Some of the characteristics that make detection difficult are: The use of compromised SOHO IP addresses The use of a rotating set of IP addresses at any given time.

Passwords

Passwords IoT Accountability Internet

Why Technology Interoperability is the Key to a Safer Internet of Things (IoT)

Security Boulevard

DECEMBER 4, 2024

With IoT connectivity expanding, organizations across the industry must grapple with the complexities of securing this vast network of internet-connected “things.” The post Why Technology Interoperability is the Key to a Safer Internet of Things (IoT) appeared first on Security Boulevard.

IoT

IoT Internet Internet Technology

New Report on IoT Security

Schneier on Security

SEPTEMBER 28, 2022

The Atlantic Council has published a report on securing the Internet of Things: “Security in the Billions: Toward a Multinational Strategy to Better Secure the IoT Ecosystem.”

IoT

IoT Telecommunications Manufacturing Internet

KrebsOnSecurity Hit By Huge New IoT Botnet “Meris”

Krebs on Security

SEPTEMBER 10, 2021

The assault came from “ Meris ,” the same new “Internet of Things” (IoT) botnet behind record-shattering attacks against Russian search giant Yandex this week and internet infrastructure firm Cloudflare earlier this summer. Cloudflare recently wrote about its attack , which clocked in at 17.2

IoT

IoT DDOS Internet Internet

IoT Unravelled Part 3: Security

Troy Hunt

NOVEMBER 25, 2020

In part 1 of this series, I posited that the IoT landscape is an absolute mess but Home Assistant (HA) does an admirable job of tying it all together. As with the rest of the IoT landscape, there's a lot of scope for improvement here and also just like the other IoT posts, it gets very complex for normal people very quickly.

IoT

IoT Firmware Risk Encryption

MY TAKE: Securing the Internet of Everything: why self-healing devices are the next frontier

The Last Watchdog

FEBRUARY 10, 2025

Were just getting started down the road to the Internet of Everything (IoE.) Related: IoT growing at a 24% clip To get there to fully tap the potential of a hyper-interconnected ecosystem where devices, data, AI and humans converge to benefit humankind cybersecurity must first catch up.

Internet

Internet Internet IoT Manufacturing

Analyzing IoT Security Best Practices

Schneier on Security

JUNE 25, 2020

New research: " Best Practices for IoT Security: What Does That Even Mean? " We consider categories of best practices, and how they apply over the lifecycle of IoT devices. Back in 2017, I catalogued nineteen security and privacy guideline documents for the Internet of Things. by Christopher Bellman and Paul C.

IoT

IoT Manufacturing Internet Internet

Half a Million IoT Device Passwords Published

Schneier on Security

JANUARY 22, 2020

It's a list of easy-to-guess passwords for IoT devices on the Internet as recently as last October and November. Useful for anyone putting together a bot network: A hacker has published this week a massive list of Telnet credentials for more than 515,000 servers, home routers, and IoT (Internet of Things) "smart" devices.

IoT

IoT Passwords Internet Internet

GreyNoise: AI’s Central Role in Detecting Security Flaws in IoT Devices

Security Boulevard

NOVEMBER 1, 2024

GreyNoise Intelligence researchers said proprietary internal AI-based tools allowed them to detect and identify two vulnerabilities in IoT live-stream cameras that traditional cybersecurity technologies would not have been able to discover.

IoT

IoT Technology Cybersecurity Threat Detection

Hacked IoT Devices Livestreaming Swatting Attacks: FBI

Adam Levin

DECEMBER 30, 2020

Hackers are using internet-connected home devices to livestream “swatting” attacks, according to the FBI. In the latest wave of attacks, hackers are using credential stuffing, where credentials from previously compromised accounts are used to gain access to internet-enabled smart home devices. “As

IoT

IoT Hacking Internet Internet

Securing the Internet of Things through Class-Action Lawsuits

Schneier on Security

FEBRUARY 27, 2020

This law journal article discusses the role of class-action litigation to secure the Internet of Things. Basically, the article postulates that (1) market realities will produce insecure IoT devices, and (2) political failures will leave that industry unregulated. Result: insecure IoT.

Internet

Internet Internet IoT Manufacturing

Understanding the U.S. Cyber Trust Mark: A New Era for IoT Security

SecureWorld News

JANUARY 8, 2025

Cyber Trust Mark, a voluntary cybersecurity labeling program designed to help consumers make informed decisions about the security of their internet-connected devices. From baby monitors to home security systems, these IoT products have become integral to daily life, yet they also present significant cybersecurity risks.

IoT

IoT Manufacturing Government Cybersecurity

IoT Security Principles

Schneier on Security

JULY 7, 2020

They just published "Policy Principles for Building a Secure and Trustworthy Internet of Things.". They call for: Distinguishing between consumer and industrial IoT. And if you need more security and privacy principles for the IoT, here's a list of over twenty. Offering incentives for integrating security.

IoT

IoT Internet Internet Software

Zxyel Flaw Powers New Mirai IoT Botnet Strain

Krebs on Security

MARCH 20, 2020

This week, security researchers said they spotted that same vulnerability being exploited by a new variant of Mirai , a malware strain that targets vulnerable Internet of Things (IoT) devices for use in large-scale attacks and as proxies for other cybercrime activity. which boasts some 100 million devices deployed worldwide.

IoT

IoT DDOS VPN Firewall

The Internet of Things is a Complete Mess (and how to Fix it)

Troy Hunt

JULY 13, 2021

I've spent more time IoT'ing my house over the last year than any sane person ever should. Plus, it's definitely added to our lives in terms of the things it enables us to do; see them in part 5 of my IoT unravelled blog series. You also want to be able to change the colour because hey, that's kinda cool.

Internet

Internet Internet IoT Firmware

Are the Police using Smart-Home IoT Devices to Spy on People?

Schneier on Security

OCTOBER 22, 2018

IoT devices are surveillance devices, and manufacturers generally use them to collect data on their customers. Surveillance is still the business model of the Internet, and this data is used against the customers' interests: either by the device manufacturer or by some third-party the manufacturer sells the data to.

IoT

IoT Surveillance Manufacturing Internet

IoT Unravelled Part 1: It's a Mess. But Then There's Home Assistant

Troy Hunt

NOVEMBER 22, 2020

With the benefit of hindsight, this was a naïve question: Alright clever IoT folks, I've got two of these garage door openers, what do you reckon the best way of connecting them with Apple HomeKit is? Everybody Wants to be "The IoT Solution" This is where the whole mess starts: what is the hub of your IoT world?

IoT

IoT Firmware Manufacturing Internet

Using Hacked IoT Devices to Disrupt the Power Grid

Schneier on Security

SEPTEMBER 11, 2018

This is really interesting research: " BlackIoT: IoT Botnet of High Wattage Devices Can Disrupt the Power Grid ": Abstract : We demonstrate that an Internet of Things (IoT) botnet of high wattage devices-such as air conditioners and heaters-gives a unique ability to adversaries to launch large-scale coordinated attacks on the power grid.

IoT

IoT Hacking Marketing Engineering

P2P Weakness Exposes Millions of IoT Devices

Krebs on Security

APRIL 26, 2019

iLnkP2p is bundled with millions of Internet of Things (IoT) devices, including security cameras and Webcams, baby monitors, smart doorbells, and digital video recorders. He found that 39 percent of the vulnerable IoT things were in China; another 19 percent are located in Europe; seven percent of them are in use in the United States.

IoT

IoT Firewall Manufacturing Computers and Electronics

Half a Million IoT Passwords Leaked

Schneier on Security

JULY 8, 2020

It is amazing that this sort of thing can still happen: the list was compiled by scanning the entire internet for devices that were exposing their Telnet port. We have a long way to go to secure the IoT. The hacker then tried using (1) factory-set default usernames and passwords, or (2) custom, but easy-to-guess password combinations.

IoT

IoT Passwords Internet Internet

MY TAKE: How decentralizing IoT could help save the planet — by driving decarbonization

The Last Watchdog

DECEMBER 17, 2023

The Internet of Things ( IoT ) is on the threshold of ascending to become the Internet of Everything ( IoE.) Infineon supplies semiconductors embedded in smart systems, most notably in automotive, power and IoT. We can execute a lot of machine learning, at the edge, in IoT devices.

IoT

IoT Internet Internet Technology

IoT Unravelled Part 2: IP Addresses, Network, Zigbee, Custom Firmware and Soldering

Troy Hunt

NOVEMBER 23, 2020

So, peeling back that next layer, the whole IoT space isn't just about devices that get their own IP address on your network and talk over TCP (or UDP). IoT and IP Addresses So, what happens when you start filling your home with IoT things? IoT and IP Addresses So, what happens when you start filling your home with IoT things?

Firmware

Firmware IoT Wireless Manufacturing

MY TAKE: Why companies and consumers must collaborate to stop the plundering of IoT systems

The Last Watchdog

NOVEMBER 9, 2020

The Internet of Things (IoT) has come a long, long way since precocious students at Carnegie Melon University installed micro-switches inside of a Coca-Cola vending machine so they could remotely check on the temperature and availability of their favorite beverages. The mainstreaming of IoT IoT very clearly has gone mainstream.

IoT

IoT Healthcare Internet Internet

MY TAKE: Why DDoS weapons will proliferate with the expansion of IoT and the coming of 5G

The Last Watchdog

MARCH 28, 2019

Related: IoT botnets now available for economical DDoS blasts. The author of Mirai used a sledgehammer to kill a fly: the DDoS bombardment was so large that it also wiped out Dyn , a UK-based internet performance vendor. It’s easy to do when there are six million open DNS resolvers on the internet using poor security practices.”.

DDOS

DDOS IoT DNS Internet

What Would It Look Like If We Put Warnings on IoT Devices Like We Do Cigarette Packets?

Troy Hunt

OCTOBER 13, 2017

Part of this data was collected via an IoT device called the InnoTab which is a wifi connected tablet designed for young kids; think Fisher Price designing an iPad. But let's not stop there because in fairness to VTech, it's not like they're the only ones to have had serious issues in their IoT toys. You know what they hate?

IoT

IoT Hacking Mobile Risk

‘Satori’ IoT Botnet Operator Pleads Guilty

Krebs on Security

SEPTEMBER 3, 2019

has pleaded guilty to federal hacking charges tied to his role in operating the “ Satori ” botnet, a crime machine powered by hacked Internet of Things (IoT) devices that was built to conduct massive denial-of-service attacks targeting Internet service providers, online gaming platforms and Web hosting companies.

IoT

IoT Internet Internet Hacking

XorBot Botnet Resurfaces with Advanced Evasion and Exploits, Threatens IoT Devices

Penetration Testing

NOVEMBER 27, 2024

NSFOCUS has identified a resurgence of the XorBot botnet, a potent threat to Internet of Things (IoT) devices worldwide.

IoT

IoT Internet Internet Cybersecurity

Study: Consumer security savvy is way behind IoT threat landscape

Tech Republic Security

DECEMBER 20, 2022

A new Comcast study hints at a major risk to businesses, governments and public systems due to poor cybersecurity in the booming Internet of Things industry. The post Study: Consumer security savvy is way behind IoT threat landscape appeared first on TechRepublic.

IoT

IoT Internet Internet Government

Here’s how anyone with $20 can hire an IoT botnet to blast out a week-long DDoS attack

The Last Watchdog

AUGUST 27, 2018

Distributed denial of service (DDoS) attacks continue to erupt all across the Internet showing not the faintest hint of leveling off, much less declining, any time soon. Related video: How DDoS attacks leverage the Internet’s DNA. This is borne out by Akamai Technologies’ Summer 2018 Internet Security/Web Attack Report.

DDOS

DDOS IoT Digital transformation Internet

Top 6 security risks associated with industrial IoT

Tech Republic Security

NOVEMBER 23, 2022

Industrial IoT is gaining adoption, but this comes with some security risks. The post Top 6 security risks associated with industrial IoT appeared first on TechRepublic. Check out the dangers and how you can avoid them.

IoT

IoT Risk Internet Internet

Contiki-NG IoT OS Patches Critical Vulnerabilities

Penetration Testing

NOVEMBER 28, 2024

Researchers have identified and addressed three critical vulnerabilities in Contiki-NG, a popular open-source operating system for Internet of Things (IoT) devices.

IoT

IoT Internet Internet Cybersecurity

6 ways to reduce your IoT attack surface

Tech Republic Security

NOVEMBER 7, 2022

As attackers target the ever-growing IoT attack surface, companies can reduce their risks with these six security best practices. The post 6 ways to reduce your IoT attack surface appeared first on TechRepublic.

IoT

IoT Risk Internet Internet

2022 will be the year of convergence between edge, IoT and networking tech, Forrester predicts

Tech Republic Security

NOVEMBER 4, 2021

IoT tech will help reduce emissions, satellite internet will challenge 5G, the chip shortage will continue and more will happen in 2022 as pandemic recovery continues to move slowly forward.

IoT

IoT Internet Internet

STEPS FORWARD: Regulators are on the move to set much needed IoT security rules of the road

The Last Watchdog

SEPTEMBER 5, 2023

New government rules coupled with industry standards meant to give formal shape to the Internet of Things (IoT) are rapidly quickening around the globe. When it comes to IoT, we must arrive at specific rules of the road if we are to tap into the full potential of smart cities, autonomous transportation and advanced healthcare.

IoT

IoT Government Internet Internet

4 IoT Trends U.K. Businesses Should Watch in 2024

Tech Republic Security

MAY 2, 2024

TechRepublic identified the top four trends emerging in IoT that businesses in the U.K. should be aware of.

IoT

IoT Artificial Intelligence Internet Internet

Securing IoT with Microsoft Defender for IoT sensors

Tech Republic Security

JANUARY 26, 2023

The post Securing IoT with Microsoft Defender for IoT sensors appeared first on TechRepublic. Protecting the devices that run your production facilities is increasingly important. How can we secure single-purpose hardware?

IoT

IoT Internet Internet Network Security

On IoT Devices and Software Liability

Schneier on Security

JANUARY 12, 2024

New law journal article : Smart Device Manufacturer Liability and Redress for Third-Party Cyberattack Victims Abstract: Smart devices are used to facilitate cyberattacks against both their users and third parties.

IoT

IoT Software Manufacturing Internet

MY TAKE: ‘Network Detection and Response’ emerges as an Internet of Things security stopgap

The Last Watchdog

APRIL 9, 2020

There’s no stopping the Internet of Things now. Related: The promise, pitfalls of IoT Companies have commenced the dispersal of IoT systems far and wide. Data collected by IoT devices will increasingly get ingested into cloud-centric networks where it will get crunched by virtual servers.

Internet

Internet Internet IoT Technology

How internet-facing webcams could put your organization at risk

Tech Republic Security

MARCH 13, 2023

By exploiting webcams and other IoT devices, hackers can spy on private and professional conversations, potentially giving them access to sensitive information, says BitSight. The post How internet-facing webcams could put your organization at risk appeared first on TechRepublic.

Internet

Internet Internet Risk IoT

MY TAKE: Can Matter 1.0 springboard us from truly smart homes to the Internet of Everything?

The Last Watchdog

NOVEMBER 14, 2022

The technology industry hopes that Matter arises as the lingua franca for the Internet of Things. It could be the key that securely interconnects IoT systems at a much deeper level, which, in turn, would pave the way to much higher tiers of digital innovation. This time we drilled down on the security pedigree of Matter 1.0.

Internet

Internet Internet IoT Manufacturing

Using EM Waves to Detect Malware

Schneier on Security

JANUARY 14, 2022

” Abstract : The Internet of Things (IoT) is constituted of devices that are exponentially growing in number and in complexity. We recorded 100,000 measurement traces from an IoT device infected by various in-the-wild malware samples and realistic benign activity.

Malware

Malware IoT Firmware Internet

LW ROUNDTABLE — How 2024’s cyber threats will transform the security landscape in 2025

The Last Watchdog

DECEMBER 16, 2024

Sundaresan Bindu Sundaresan , Cybersecurity Director, LevelBlue In 2025, cybercriminals will exploit supply chain vulnerabilities, ransomware, IoT botnets, and AI-driven phishing. Rising IoT use demands standards to prevent device weaponization, while AI-enabled phishing challenges defenses.

Cyber threats

Cyber threats CISO IoT Phishing

Zscaler Report: Mobile, IoT, and OT Cyber Threats Surge in 2024

Tech Republic Security

OCTOBER 16, 2024

Zscaler ThreatLabz report reveals a 2024 surge in mobile, IoT, and OT cyberattacks, highlighting key trends and the need for zero trust security.

IoT

IoT Mobile Cyber threats Internet

IoT Devices in Password-Spraying Botnet

Why Technology Interoperability is the Key to a Safer Internet of Things (IoT)

Trending Sources

New Report on IoT Security

KrebsOnSecurity Hit By Huge New IoT Botnet “Meris”

IoT Unravelled Part 3: Security

MY TAKE: Securing the Internet of Everything: why self-healing devices are the next frontier

Analyzing IoT Security Best Practices

Half a Million IoT Device Passwords Published

GreyNoise: AI’s Central Role in Detecting Security Flaws in IoT Devices

Hacked IoT Devices Livestreaming Swatting Attacks: FBI

Securing the Internet of Things through Class-Action Lawsuits

Understanding the U.S. Cyber Trust Mark: A New Era for IoT Security

IoT Security Principles

Zxyel Flaw Powers New Mirai IoT Botnet Strain

The Internet of Things is a Complete Mess (and how to Fix it)

Are the Police using Smart-Home IoT Devices to Spy on People?

IoT Unravelled Part 1: It's a Mess. But Then There's Home Assistant

Using Hacked IoT Devices to Disrupt the Power Grid

P2P Weakness Exposes Millions of IoT Devices

Half a Million IoT Passwords Leaked

MY TAKE: How decentralizing IoT could help save the planet — by driving decarbonization

IoT Unravelled Part 2: IP Addresses, Network, Zigbee, Custom Firmware and Soldering

MY TAKE: Why companies and consumers must collaborate to stop the plundering of IoT systems

MY TAKE: Why DDoS weapons will proliferate with the expansion of IoT and the coming of 5G

What Would It Look Like If We Put Warnings on IoT Devices Like We Do Cigarette Packets?

‘Satori’ IoT Botnet Operator Pleads Guilty

XorBot Botnet Resurfaces with Advanced Evasion and Exploits, Threatens IoT Devices

Study: Consumer security savvy is way behind IoT threat landscape

Here’s how anyone with $20 can hire an IoT botnet to blast out a week-long DDoS attack

Top 6 security risks associated with industrial IoT

Contiki-NG IoT OS Patches Critical Vulnerabilities

6 ways to reduce your IoT attack surface

2022 will be the year of convergence between edge, IoT and networking tech, Forrester predicts

STEPS FORWARD: Regulators are on the move to set much needed IoT security rules of the road

4 IoT Trends U.K. Businesses Should Watch in 2024

Securing IoT with Microsoft Defender for IoT sensors

On IoT Devices and Software Liability

MY TAKE: ‘Network Detection and Response’ emerges as an Internet of Things security stopgap

How internet-facing webcams could put your organization at risk

MY TAKE: Can Matter 1.0 springboard us from truly smart homes to the Internet of Everything?

Top industrial IoT security solutions

Using EM Waves to Detect Malware

LW ROUNDTABLE — How 2024’s cyber threats will transform the security landscape in 2025

Zscaler Report: Mobile, IoT, and OT Cyber Threats Surge in 2024

Stay Connected