IoT Security News, Articles and Updates

SirenJack flaw exposes problems in emergency alert system

Security researchers have found a flaw in the emergency alert warning siren system used by many local authorities - could be sounded by hackers, research finds.

Government calls for revamp in IoT security; will manufacturers listen?

Government plans for IOT security welcomed but also criticised as being only a set of advisories and recommendations which do not include watertight regulations around credentials and authentication.

Securing the future of IoT; poor implementation will weaken security

IoT is part of a fundamental shift forward in enterprise networking - towards a cloud-enabled 'consume' approach - and yet most companies plan to implement IoT in a way that parallels an outdated way of 'DIY' networking.

IoT botnets will force governments to regulate IoT device manufacturers

As IoT botnet attacks continue to grow in size and effectiveness in 2018, the damage they cause will force the IoT manufacturing industry to add stronger security to their products.

Satori Botnet able to launch crippling attacks at any time

A massive new IoT botnet dubbed Satori has emerged, which security researchers fear, can launch crippling attacks at any time. According to the IBT the botnet has already infected more than 280,000 IP addresses in just 12 hours.

Vendors must step up to IoT security challenges - which are mostly basic

Only by understanding the true nature of threats and the vulnerabilities they exploit can we hope to prevent them says Susan Bowen, adding, the reason why Mirai IOT attacks were so effective is the lack any form of embedded security.

'Ransomware of things' spell trouble for transportation industry

The next step in the evolution of ransomware would be what they called "jackware" or ransomware designed to target connected devices subsequently creating a ransomware of things (RoT).

Quality is more important than quantity in the connected home

The issue for home IOT devices is trust and ease of use says Kevin Cunningham, managing director at SQS, and perceived problems of the connected home, such as security issues and privacy issues, need to be addressed now.

Connected devices can get pwned by attackers every 2 minutes

IoT device pwned by credential attackers once every 120 seconds in SANS research using real connected device rather than honeypot.

Insecure IoT devices to be prohibited, US Federal purchases restricted

The US Congress has introduced a bill which aims to prohibit sale of Internet of Things (IoT) devices to the government if they can't be patched or have their password changed.

Malware piggybacks on IoT devices from Vietnam and Taiwan - Kaspersky

In Vietnam and Taiwan, malware is being mass produced alongside cheap web cameras, DVRs and other IoT devices, according to a report from Kaspersky Lab.

ICYMI: Intel bug; early disclosure; counter-terror expo; Kaspersky; Macron

In Case You Missed It: Intel AMT bug; MS early disclosure spat; counter-terror expo; Kaspersky accused; Macron's DP.

[Updated] Nomx 'secure email server' challenged by British researchers

The CEO and CTO of nomx LLC has vigorously defended his product against claims that it is not secure after it was hacked by British security researchers Prof Alan Woodward and Scott Helme.

'Growing' IoT Security Foundation appoints new chairman, board member

Internet of Things Security Foundation brings Prof Paul Dorey in as chairman of the board and appoints Dr Stephen Pattison to steering board.

Kaspersky Labs releases KasperskyOS for embedded systems market

Fifteen years in the making, KasperskyOS - the latest operating system specifically for embedded systems - makes its commercial debut today.

Flaws in defibrillator security set researchers' hearts aflutter

Wireless implanted medical devices with little or no security are shown to be vulnerable to hacking, enabling hackers to eavesdrop on confidential medical data or tamper with life-saving therapies.

Same fate befalls Post Office broadband as hit DT?

With reports of outages to customers of Post Office broadband and TalkTalk, the attack that that nearly a million Deutsche Telekom customers over the weekend appears to have made its way to the UK's shores.

We have the power: 'Smart' sockets could be enslaved to create botnet

Bitdefender has discovered vulnerabilities in a popular brand of 'smart' electrical socket which could lead to attacks on your local area network or the recruitment of the IoT device as part of a global botnet.

A step in the right direction for security in the world of IoT?

Security companies appear to have woken up to the IoT threat, as Bullguard acquires "Security of Things" company Dojo Labs and F-Secure launches an IoT security monitor.

ICYMI: IoT alarms, Russia v Clinton v2, FireEye layoffs, cyber-crime Olympics

In case you missed it (ICYMI) this week, concerns over IOT burglar alarm, more attacks to come on Clinton campaign, FireEye redundancies and the Olympics of cyber-crime.

Insurance firm now offering discount on use of IoT alarm

Insurance firm Zurich is offering a discount on monthly insurance fees should a customer use the IoT alarm offered by Cocoon, despite security concerns over IoT devices.

IHS Markit says video doorbell use is on the rise, but are they safe?

Information and data experts at IHS Markit are reporting exponential growth of video doorbells which are outpacing conventional video door phones. But are they safe?

Medical staff routinely ignore IT security to do their jobs

Doctors and nurses would rather save a patient's life than adhere to infosec best practices, according to new research into healthcare cyber-security.

IT pros are not sure how to properly secure their IoT devices

While most IT professionals acknowledge the growing amount of IoT devices on their networks, they are unaware of how to properly secure them.

UMICH researchers remotely pick locks of Samsung SmartThing connected home systems

In a series of attacks, University of Michigan researchers hacked into Samsung SmartThing connected home systems and remotely unlocked doors.

Nest disables smart home device, triggers IoT security concerns

Nest will disable its smart home product Revolv on May 15th. Revolv founders Tim Enwall and Mike Soucie will re-focus on building Works with Nest.

Short term gain, long term pain: Avoiding IoT security shortcuts

In the rush to be first to market many organisations overlook basic IoT security principles, putting users at risk. Thomas Fischer urges, take time to build robust security protocols into products, rather than trying to retroft them.