IoT and Risk - Cyber Security Informer

IoT Unravelled Part 3: Security

Troy Hunt

NOVEMBER 25, 2020

In part 1 of this series, I posited that the IoT landscape is an absolute mess but Home Assistant (HA) does an admirable job of tying it all together. As with the rest of the IoT landscape, there's a lot of scope for improvement here and also just like the other IoT posts, it gets very complex for normal people very quickly.

IoT

IoT Firmware Risk Manufacturing

New Report on IoT Security

Schneier on Security

SEPTEMBER 28, 2022

The Atlantic Council has published a report on securing the Internet of Things: “Security in the Billions: Toward a Multinational Strategy to Better Secure the IoT Ecosystem.”

IoT

IoT Telecommunications Manufacturing Internet

Top 6 security risks associated with industrial IoT

Tech Republic Security

NOVEMBER 23, 2022

Industrial IoT is gaining adoption, but this comes with some security risks. The post Top 6 security risks associated with industrial IoT appeared first on TechRepublic. Check out the dangers and how you can avoid them.

IoT

IoT Risk Internet Internet

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

Understanding the U.S. Cyber Trust Mark: A New Era for IoT Security

SecureWorld News

JANUARY 8, 2025

From baby monitors to home security systems, these IoT products have become integral to daily life, yet they also present significant cybersecurity risks. Industry leaders back the initiative Key stakeholders have expressed their enthusiasm for the Cyber Trust Mark's potential to improve IoT security and consumer trust.

IoT

IoT Manufacturing Government Cybersecurity

LW ROUNDTABLE — How 2024’s cyber threats will transform the security landscape in 2025

The Last Watchdog

DECEMBER 16, 2024

Businesses must adopt tools and automation capable of invoking immediate action, even at the risk of false positives. Raising security baselines across industries is essential, with risk mitigationnot acceptancebecoming the standard. Security teams will need to address the unique risks posed using LLMs in mission critical environments.

Cyber threats

Cyber threats CISO IoT Phishing

From Sensors to Servers: End-to-End Security for IoT in Critical Utility Networks

SecureWorld News

NOVEMBER 7, 2024

A single mistake can pose a significant risk to infrastructure and to the public. A connected world means a vulnerable world Utilities now rely on large networks of IoT devices, from sensors buried underground to servers that crunch data in remote locations. End-to-end encryption: Encrypt all data from sensors to controller.

IoT

IoT Firmware Encryption Authentication

New IoT Security Regulations

Schneier on Security

NOVEMBER 13, 2018

But like nearly all innovation, there are risks involved. And for products borne out of the Internet of Things, this means the risk of having personal information stolen or devices being overtaken and controlled remotely. But it's just one of dozens of awful "security" measures commonly found in IoT devices.

IoT

IoT Manufacturing Internet Internet

MY TAKE: Why companies and consumers must collaborate to stop the plundering of IoT systems

The Last Watchdog

NOVEMBER 9, 2020

The Internet of Things (IoT) has come a long, long way since precocious students at Carnegie Melon University installed micro-switches inside of a Coca-Cola vending machine so they could remotely check on the temperature and availability of their favorite beverages. Related: Companies sustain damage from IoT attacks That was back in 1982.

IoT

IoT Healthcare Internet Internet

6 ways to reduce your IoT attack surface

Tech Republic Security

NOVEMBER 7, 2022

As attackers target the ever-growing IoT attack surface, companies can reduce their risks with these six security best practices. The post 6 ways to reduce your IoT attack surface appeared first on TechRepublic.

IoT

IoT Risk Internet Internet

What Would It Look Like If We Put Warnings on IoT Devices Like We Do Cigarette Packets?

Troy Hunt

OCTOBER 13, 2017

Part of this data was collected via an IoT device called the InnoTab which is a wifi connected tablet designed for young kids; think Fisher Price designing an iPad. But let's not stop there because in fairness to VTech, it's not like they're the only ones to have had serious issues in their IoT toys. You know what they hate?

IoT

IoT Hacking Mobile Risk

Report: Most companies unaware of third-party IoT security measures

Tech Republic Security

JUNE 12, 2020

Only 37% of "high performer" organizations monitor the risk of IoT devices used by third parties, and current IoT risk-management programs can't keep pace, study said.

IoT

IoT Risk

Study: Consumer security savvy is way behind IoT threat landscape

Tech Republic Security

DECEMBER 20, 2022

A new Comcast study hints at a major risk to businesses, governments and public systems due to poor cybersecurity in the booming Internet of Things industry. The post Study: Consumer security savvy is way behind IoT threat landscape appeared first on TechRepublic.

IoT

IoT Internet Internet Government

Insecure Medical Devices — Illumina DNA Sequencer Illuminates Risks

Security Boulevard

JANUARY 8, 2025

The post Insecure Medical Devices Illumina DNA Sequencer Illuminates Risks appeared first on Security Boulevard. IEI-IEI, Oh: Running an obsolete OS, on obsolete hardware, configured with obsolete settings.

Risk

Risk Social Engineering Internet Internet

News alert: IDT Corp., AccuKnox partner to deploy runtime security-powered CNAPP at the edge of IoT

The Last Watchdog

MARCH 25, 2025

FinTech and Communications Leader, IDT Corporation partners with AccuKnox to deploy runtime security-powered CNAPP (Cloud Native Application Protection Platform) for IoT/Edge Security. This proactive approach aims to mitigate risks associated with AI-driven operations. Menlo Park, Calif., 25, 2025, CyberNewswire — AccuKnox, Inc.

IoT

IoT Retail Technology Marketing

Akira ransomware gang used an unsecured webcam to bypass EDR

Security Affairs

MARCH 8, 2025

They found unsecured IoT devices, including webcams and a fingerprint scanner, using them to bypass security defenses and successfully deploy the ransomware. The IoT device was running a lightweight Linux OS, that was the perfect target for Akiras Linux ransomware variant. ” reads the report published by the S-RM team.

Ransomware

Ransomware IoT Encryption Passwords

Old devices, new dangers: The risks of unsupported IoT tech

We Live Security

AUGUST 27, 2024

Out-of-date Internet of Things (IoT) devices can easily become exploited by bad actors looking to use them for their own agenda.

IoT

IoT Risk Internet Internet

Hacked Robot Vacuums Hurl Racial Slurs, Show IoT Devices Risks

SecureWorld News

OCTOBER 16, 2024

The breaches underscore the growing threat of vulnerabilities in IoT (Internet of Things) devices. Smart home users should stay vigilant, update device software regularly, and implement network security best practices to mitigate risks. The video is unnerving.

IoT

IoT Hacking Risk Internet

Cisco secures IoT, keeping security closer to networking

Cisco Security

FEBRUARY 6, 2023

The use of unmanaged and IoT devices in enterprises is growing exponentially, and will account for 55.7 A critical concern is deploying IoT devices without requisite security controls. Furthermore, 83% of IoT-based transactions happen over plaintext channels and not SSL, making them especially risky.

IoT

IoT Firewall Encryption Retail

DDoS 2.0: IoT Sparks New DDoS Alert

The Hacker News

SEPTEMBER 15, 2023

The Internet of Things (IoT) is transforming efficiency in various sectors like healthcare and logistics but has also introduced new security risks, particularly IoT-driven DDoS attacks. What Is IoT? IoT (Internet of Things) refers to online, interconnected devices that collect and exchange

DDOS

DDOS IoT Healthcare Internet

Undocumented hidden feature found in Espressif ESP32 microchip

Security Affairs

MARCH 9, 2025

The experts warn that a hidden feature poses a security risk for millions of IoT devices. “Tarlogic Securityhas detected a hidden functionality that can be used as a backdoor in the ESP32, a microcontroller that enables WiFi and Bluetooth connection and is present inmillions of mass-market IoT devices.”

Manufacturing

Manufacturing IoT Firmware Mobile

How internet-facing webcams could put your organization at risk

Tech Republic Security

MARCH 13, 2023

By exploiting webcams and other IoT devices, hackers can spy on private and professional conversations, potentially giving them access to sensitive information, says BitSight. The post How internet-facing webcams could put your organization at risk appeared first on TechRepublic.

Internet

Internet Internet Risk IoT

Cybersecurity Snapshot: Tenable Highlights Risks of AI Use in the Cloud, as UK’s NCSC Offers Tips for Post-Quantum Cryptography Adoption

Security Boulevard

MARCH 21, 2025

Check out key findings and insights from the Tenable Cloud AI Risk Report 2025. And get the latest on open source software security; cyber scams; and IoT security. 1 - Tenable: Orgs using AI in the cloud face thorny cyber risks Using AI tools in cloud environments?

Risk

Risk IoT Cybersecurity Manufacturing

US Treasury Department sanctioned Chinese cybersecurity firm linked to Flax Typhoon APT

Security Affairs

JANUARY 4, 2025

In September 2024, cybersecurity researchers from Lumens Black Lotus Labs discovered a new botnet, named Raptor Train, composed of small office/home office (SOHO) and IoT devices. Violators risk penalties, with sanctions aimed at encouraging behavioral change rather than punishment.

Cybersecurity

Cybersecurity IoT Hacking Technology

Guardians of IoT: Addressing IoT security vulnerabilities in electric vehicles and charging stations

Security Boulevard

JANUARY 31, 2024

The rise of electric vehicles (EVs) and charging infrastructure necessitates robust security measures, especially in the context of IoT integration. Explore the vulnerabilities in EV systems and potential risks, proposing mitigation strategies like firmware updates, user authentication, intrusion detection systems, and collaboration.

IoT

IoT Firmware Authentication Risk

Surge in Malicious IoT Botnet Activity Raises Cybersecurity Concerns

SecureWorld News

JUNE 13, 2023

In a digital landscape increasingly dependent on interconnected devices, the rise in malicious Internet of Things (IoT) botnet activity is becoming a significant cause for concern. This tactic is commonly associated with a variety of IoT botnets, exploiting the lax security measures present in billions of IoT devices worldwide.

IoT

IoT Cybersecurity DDOS Malware

Amazing Fast Crypto for IoT — US NIST Fingers ASCON

Security Boulevard

FEBRUARY 9, 2023

Implementing modern cryptography standards on tiny IoT devices is hard. The post Amazing Fast Crypto for IoT — US NIST Fingers ASCON appeared first on Security Boulevard. They’re underpowered, need to sip battery charge and something like AES is often overkill.

IoT

IoT Internet Internet Mobile

Brits Ban Default Passwords — and More IoT Stupidity

Security Boulevard

APRIL 30, 2024

The post Brits Ban Default Passwords — and More IoT Stupidity appeared first on Security Boulevard. The UK’s Product Security and Telecommunications Infrastructure Act aims to improve the security of net-connected consumer gear.

IoT

IoT Passwords Social Engineering Telecommunications

Protecting Oil and Gas Industry Infrastructure: Strategies for Resilience

SecureWorld News

JANUARY 16, 2025

Digital transformation: The integration of IoT, SCADA systems, and advanced analytics has increased operational efficiency but also expanded the attack surface. Regularly updating and patching systems, including antivirus software, firewalls, and SCADA networks, can mitigate this risk.

Energy and Utilities

Energy and Utilities IoT Artificial Intelligence Backups

Understanding IoT security risks and how to mitigate them | Cybersecurity podcast

We Live Security

JULY 10, 2024

As security challenges loom large on the IoT landscape, how can we effectively counter the risks of integrating our physical and digital worlds?

IoT

IoT Risk Cybersecurity

Weekly Update 252

Troy Hunt

JULY 15, 2021

Scott Helme will also be here (as in Zoom "here") so it'll be a bit of fun and inevitably go way off topic, but I thought it would be fun to fix it up a bit 🙂 This week is more of the usual with Chrome's push to HTTPS, another gov on HIBP and more travels in IoT land.

IoT

IoT Risk

Weekly Update 339

Troy Hunt

MARCH 17, 2023

I found the discussion around IoT door locks especially interesting as it's a real nexus of security, usability and a bit of critical thinking about real world risks. References Yale IoT door locks seem to be the least bad ones you can buy!

IoT

IoT Financial Services Data breaches Risk

Ghost Ransomware a Persistent Global Threat to Critical Infrastructure

SecureWorld News

FEBRUARY 20, 2025

Persistent exploitation of legacy systems One of the most alarming aspects of Ghost ransomware is its focus on legacy IoT and OT environments. Organizations must work closely with their suppliers to ensure a long-term operations and risk mitigation plan." For the latest updates and resources, visit StopRansomware.gov.

Ransomware

Ransomware IoT Encryption Social Engineering

Smart Home Data Breach Exposes 2.7 Billion Records

ZoneAlarm

FEBRUARY 23, 2025

Mars Hydro, a Chinese company that makes IoT devices like LED lights and hydroponics equipment, recently suffered a massive data breach, exposing approximately 2.7 This breach has raised serious concerns about the security of internet-connected devices and the potential risks for consumers. billion records.

Data breaches

Data breaches IoT Internet Internet

IoT Consumer Labeling Goes Global – What This Means for Vendors and Consumers

Security Boulevard

MARCH 21, 2024

IoT producers must comprehend the relevant rules, consult legal and technological experts and evaluate cybersecurity procedures. The post IoT Consumer Labeling Goes Global – What This Means for Vendors and Consumers appeared first on Security Boulevard.

IoT

IoT Technology Cybersecurity Internet

5G and IoT for Enhanced Connectivity in Utility Infrastructure: The Future Is Now or Maybe Tomorrow?

SecureWorld News

OCTOBER 3, 2024

But what does 5G mean for utility IoT? This is where IoT (Internet of Things) devices come into play. Think of 5G as a highway and IoT devices as cars. But in the utility industry, IoT is very powerful. IoT is helping utilities shift from routine to proactive solutions. Let's get started.

IoT

IoT Energy and Utilities Internet Internet

Navigating Cybersecurity Risks in the Age of OT-IT Convergence

SecureWorld News

SEPTEMBER 19, 2024

This division of function, however, and both logical and physical separation is blurring as IoT rises to connect more and more discrete systems, while IT and OT are increasingly forced to work together to modernize industry and critical infrastructure, to help mechanical systems to become "smart."

Risk

Risk IoT Cybersecurity Technology

Severe Vulnerabilities in Cinterion Cellular Modems Pose Risks to Various Industries

The Hacker News

MAY 13, 2024

These vulnerabilities include critical flaws that permit remote code execution and unauthorized privilege escalation, posing substantial risks to integral communication networks and IoT

Risk

Risk IoT Cybersecurity

Flaws in Xerox VersaLink MFPs Spotlight Printer Security Concerns

Security Boulevard

FEBRUARY 19, 2025

Two security flaws found in Xerox VersaLink MFPs could allow hackers to capture authentication credentials and move laterally through enterprise networks and highlight the often-overlooked cyber risks that printers and other IoT devices present to organizations.

Cyber Risk

Cyber Risk IoT Authentication Risk

The SBOM Survival Guide: Why SBOM Compliance is Set to Ignite IoT Security

Security Boulevard

SEPTEMBER 11, 2024

The post The SBOM Survival Guide: Why SBOM Compliance is Set to Ignite IoT Security appeared first on Security Boulevard. Once SBOM and IAM provisioning knit seamlessly with policy-driven data encryption and AI-powered monitoring, they will have a far stronger security posture.

IoT

IoT Encryption Risk Government

RSAC Fireside Chat: X9 PKI emerges to help financial sector interoperate, get ready for ‘Q-Day’

The Last Watchdog

APRIL 24, 2025

Related: PKI and the IoT cloud One quiet but consequential development now taking root in the financial sector could prove pivotal: the emergence of a dedicated Public Key Infrastructure (PKI) framework, tailored to banks and payment networks, guided by the Accredited Standards Committee X9 (ASC X9), and being rolled out by DigiCert.

Banking

Banking Internet Internet IoT

Integrating GRC with Emerging Technologies: AI and IoT

SecureWorld News

JANUARY 7, 2024

The integration of Governance, Risk, and Compliance (GRC) strategies with emerging technologies like Artificial Intelligence and the Internet of Things are reshaping the corporate risk landscape. The importance of GRC GRC programs are vital in helping organizations improve decision-making and minimize risk.

IoT

IoT Technology Artificial Intelligence Government

PTZOptics cameras zero-days actively exploited in the wild

Security Affairs

NOVEMBER 2, 2024

The company discovered the zero-day vulnerabilities in IoT live-streaming cameras, used in industrial operations, healthcare, and other sensitive environments. Attackers can also trigger flaws to extract network details to infiltrate connected systems, increasing the risk of data breaches and ransomware attacks.

Firmware

Firmware Manufacturing IoT Healthcare

Cybersecurity Governance: The Road Ahead in an Era of Constant Evolution

SecureWorld News

FEBRUARY 17, 2025

We have moved beyond traditional compliance-driven security models to risk-based approaches, integrating cybersecurity into enterprise risk management (ERM) frameworks. This led to a reactive approach where organizations were more focused on regulatory adherence than on actual security risk management.

Government

Government Cybersecurity Risk CISO

Human Factors in SCADA and IoT Security: Addressing the Biggest Vulnerability in Industrial Systems

SecureWorld News

AUGUST 3, 2024

Human factors, such as errors in judgment, inadequate training, and simple errors, pose significant safety risks. The hidden weakness: human error Despite leaps in cybersecurity technology, human error remains an Achilles heel in SCADA and IoT security.

IoT

IoT Education Technology Passwords

IoT Unravelled Part 3: Security

New Report on IoT Security

Webinars

Trending Sources

Top 6 security risks associated with industrial IoT

Webinars

Understanding the U.S. Cyber Trust Mark: A New Era for IoT Security

LW ROUNDTABLE — How 2024’s cyber threats will transform the security landscape in 2025

From Sensors to Servers: End-to-End Security for IoT in Critical Utility Networks

New IoT Security Regulations

MY TAKE: Why companies and consumers must collaborate to stop the plundering of IoT systems

6 ways to reduce your IoT attack surface

What Would It Look Like If We Put Warnings on IoT Devices Like We Do Cigarette Packets?

Report: Most companies unaware of third-party IoT security measures

Study: Consumer security savvy is way behind IoT threat landscape

Insecure Medical Devices — Illumina DNA Sequencer Illuminates Risks

News alert: IDT Corp., AccuKnox partner to deploy runtime security-powered CNAPP at the edge of IoT

Akira ransomware gang used an unsecured webcam to bypass EDR

Old devices, new dangers: The risks of unsupported IoT tech

Hacked Robot Vacuums Hurl Racial Slurs, Show IoT Devices Risks

Cisco secures IoT, keeping security closer to networking

DDoS 2.0: IoT Sparks New DDoS Alert

Undocumented hidden feature found in Espressif ESP32 microchip

How internet-facing webcams could put your organization at risk

Cybersecurity Snapshot: Tenable Highlights Risks of AI Use in the Cloud, as UK’s NCSC Offers Tips for Post-Quantum Cryptography Adoption

US Treasury Department sanctioned Chinese cybersecurity firm linked to Flax Typhoon APT

Guardians of IoT: Addressing IoT security vulnerabilities in electric vehicles and charging stations

Surge in Malicious IoT Botnet Activity Raises Cybersecurity Concerns

Amazing Fast Crypto for IoT — US NIST Fingers ASCON

Brits Ban Default Passwords — and More IoT Stupidity

Protecting Oil and Gas Industry Infrastructure: Strategies for Resilience

Understanding IoT security risks and how to mitigate them | Cybersecurity podcast

Weekly Update 252

Weekly Update 339

Ghost Ransomware a Persistent Global Threat to Critical Infrastructure

Smart Home Data Breach Exposes 2.7 Billion Records

IoT Consumer Labeling Goes Global – What This Means for Vendors and Consumers

5G and IoT for Enhanced Connectivity in Utility Infrastructure: The Future Is Now or Maybe Tomorrow?

Navigating Cybersecurity Risks in the Age of OT-IT Convergence

Severe Vulnerabilities in Cinterion Cellular Modems Pose Risks to Various Industries

Flaws in Xerox VersaLink MFPs Spotlight Printer Security Concerns

The SBOM Survival Guide: Why SBOM Compliance is Set to Ignite IoT Security

RSAC Fireside Chat: X9 PKI emerges to help financial sector interoperate, get ready for ‘Q-Day’

Integrating GRC with Emerging Technologies: AI and IoT

PTZOptics cameras zero-days actively exploited in the wild

Cybersecurity Governance: The Road Ahead in an Era of Constant Evolution

Human Factors in SCADA and IoT Security: Addressing the Biggest Vulnerability in Industrial Systems

Stay Connected