Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Latest Content tagged with IoT
Page 1 / 2   >   >>
Why Firewalls Aren't Going Anywhere
Commentary  |  1/15/2020  | 
Written off multiple times as obsolete, firewalls continue to elude demise by adding features and ensuring that VPNs keep humming.
Global Predictions for Energy Cyber Resilience in 2020
Commentary  |  1/14/2020  | 
How prepared is the energy sector for an escalating attack surface in the operating technology environment? Here are five trends to watch.
Consumer Reports Calls for IoT Manufacturers to Raise Security Standards
Quick Hits  |  1/14/2020  | 
A letter to 25 companies says Consumer Reports will change ratings to reflect stronger security and privacy standards.
Attackers Increase Focus on North American Electric Utilities: Report
News  |  1/9/2020  | 
Electric utilities continue to be a target of nation-state attackers, even before the latest tensions between Iran and the United States, says a critical-infrastructure security firm.
Insight Partners Acquires Armis at $1.1B Valuation
Quick Hits  |  1/7/2020  | 
This deal marks the largest-ever acquisition of a private Israeli cybersecurity company, Armis' co-founders report.
Operational Technology: Why Old Networks Need to Learn New Tricks
Commentary  |  12/31/2019  | 
Cybercriminals are maximizing their opportunity by targeting older vulnerabilities in OT environments. It's time to fight back.
IoT Security: How Far We've Come, How Far We Have to Go
News  |  12/24/2019  | 
As organizations fear the proliferations of connected devices on enterprise networks, the private and public sector come together to address IoT vulnerabilities.
Weak Crypto Practice Undermining IoT Device Security
News  |  12/16/2019  | 
Keyfactor says it was able to break nearly 250,000 distinct RSA keys - many associated with routers, wireless access points, and other Internet-connected devices.
Smart Building Security Awareness Grows
News  |  12/12/2019  | 
In 2020, expect to hear more about smart building security.
Blink Cameras Found with Multiple Vulnerabilities
Quick Hits  |  12/10/2019  | 
Researchers found three broad types of vulnerabilities, one of which should be particularly concerning to consumers.
10 Notable Cybersecurity Acquisitions of 2019, Part 2
Slideshows  |  12/9/2019  | 
As mergers and acquisitions continued to shape the security industry throughout 2019, these deals were most significant.
7 Ways to Hang Up on Voice Fraud
Slideshows  |  11/27/2019  | 
Criminals are coming at us from all direction, including our phones. Don't answer that next call without reading this tips first.
Former White House CIO Shares Enduring Security Strategies
News  |  11/20/2019  | 
Theresa Payton explains the strategies organizations should consider as they integrate layers of new technology.
BSIMM10 Shows Industry Vertical Maturity
Commentary  |  11/14/2019  | 
The Building Security In Maturity Model is the only detailed measuring stick for software security initiatives, and it continues to evolve.
US-CERT Warns of Remotely Exploitable Bugs in Medical Devices
Quick Hits  |  11/14/2019  | 
Vulnerabilities in key surgical equipment could be remotely exploited by a low-skill attacker.
Ring Flaw Underscores Impact of IoT Vulnerabilities
News  |  11/8/2019  | 
A vulnerability in Amazon's Ring doorbell cameras would have allowed a local attacker to gain access to a target's entire wireless network.
Google Launches OpenTitan Project to Open Source Chip Security
News  |  11/5/2019  | 
OpenTitan is an open source collaboration among Google and technology companies to strengthen root-of-trust chip design.
Details of Attack on Electric Utility Emerge
Quick Hits  |  11/1/2019  | 
The March 5 DDoS attack interrupted communications between generating facilities and the electrical grid in three western states.
32,000+ WiFi Routers Potentially Exposed to New Gafgyt Variant
News  |  10/31/2019  | 
Researchers detect an updated Gafgyt variant that targets flaws in small office and home wireless routers from Zyxel, Huawei, and Realtek.
Why It's Imperative to Bridge the IT & OT Cultural Divide
Commentary  |  10/29/2019  | 
As industrial enterprises face the disruptive forces of an increasingly connected world, these two cultures must learn to coexist.
Pwn2Own Adds Industrial Control Systems to Hacking Contest
News  |  10/28/2019  | 
The Zero Day Initiative will bring its first ICS Pwn2Own competition to the S4x20 conference in January.
5 Things the Hoodie & the Hard Hat Need to Know About Each Other
Commentary  |  10/28/2019  | 
Traditionally, the worlds of IT (the hoodie) and OT (the hard hat) have been separate. That must change.
IoTopia Framework Aims to Bring Security to Device Manufacturers
News  |  10/23/2019  | 
GlobalPlatform launches an initiative to help companies secure connected devices and services across markets.
FIDO-Based Authentication Arrives for Smartwatches
News  |  10/22/2019  | 
The Nok Nok App SDK for Smart Watch is designed to let businesses implement FIDO-based authentication on smartwatches.
Researchers Turn Alexa and Google Home Into Credential Thieves
Quick Hits  |  10/21/2019  | 
Eight Amazon Alexa and Google Home apps were approved for official app stores even though their actual purposes were eavesdropping and phishing.
Older Amazon Devices Subject to Old Wi-Fi Vulnerability
Quick Hits  |  10/17/2019  | 
The vulnerability in first-generation Echoes and eight-generation Kindles lets an attacker wage man-in-the-middle attacks.
IoT Attacks Up Significantly in First Half of 2019
Quick Hits  |  10/15/2019  | 
New research shows attacks increased ninefold year-over-year, coming from more than a quarter-million unique IP addresses.
Why Bricking Vulnerable IoT Devices Comes with Unintended Consequences
Commentary  |  10/15/2019  | 
Infosec vigilantism can cause serious harm in the era of industrial IoT and connected medical devices.
For Cybersecurity to Be Proactive, Terrains Must Be Mapped
Commentary  |  10/8/2019  | 
As in any battle, understanding and exploiting the terrain often dictates the outcome.
How FISMA Requirements Relate to Firmware Security
Commentary  |  10/3/2019  | 
Federal guidelines can help all organizations pragmatically and meaningfully improve their firmware security.
Apple Patches Multiple Vulnerabilities Across Platforms
Quick Hits  |  9/27/2019  | 
Updates address two separate issues in Apple's desktop and mobile operating systems.
Cybersecurity Certification in the Spotlight Again
News  |  9/27/2019  | 
Swiss technology non-profit group joins others, such as the Obama-era President's Commission, in recommending that certain classes of technology products be tested.
A Safer IoT Future Must Be a Joint Effort
Commentary  |  9/20/2019  | 
We're just at the beginning of an important conversation about the future of our homes and cities, which must involve both consumers and many players in the industry
California's IoT Security Law Causing Confusion
News  |  9/19/2019  | 
The law, which goes into effect January 1, requires manufacturers to equip devices with 'reasonable security feature(s).' What that entails is still an open question.
15K Private Webcams Could Let Attackers View Homes, Businesses
Quick Hits  |  9/17/2019  | 
Webcams could be potentially accessed and manipulated by anyone with an Internet connection, researchers say.
Securing Our Infrastructure: 3 Steps OEMs Must Take in the IoT Age
Commentary  |  8/28/2019  | 
Security has lagged behind adoption of the Internet of Things. The devices hold much promise, but only if a comprehensive security model is constructed.
Unsecured IoT: 8 Ways Hackers Exploit Firmware Vulnerabilities
Commentary  |  8/27/2019  | 
As new Internet of Things products enter the market, speed shouldn't trump concerns about security.
Consumers Urged to Secure Their Digital Lives
News  |  8/27/2019  | 
Security options for consumers improve as Internet of Things devices invade homes and data on consumers proliferates online.
Aviation Faces Increasing Cybersecurity Scrutiny
News  |  8/22/2019  | 
Some aviation experts and security researchers are trying to foster closer alliances for securing airplane networks.
VxWorks TCP/IP Stack Vulnerability Poses Major Manufacturing Risk
News  |  8/19/2019  | 
A new analysis shows the scale of risk posed by networking vulnerabilities in a popular embedded real-time operating system.
Behind the Scenes at ICS Village
News  |  8/16/2019  | 
ICS Village co-founder Bryson Bort reveals plans for research-dedicated events that team independent researchers, critical infrastructure owners, and government specialists.
Apple's New Bounty Program Has Huge Incentives, Big Risks
News  |  8/13/2019  | 
Industry observers applaud the program's ability to find exploits but fear unintended consequences.
Hackers Can Hurt Victims with Noise
Quick Hits  |  8/12/2019  | 
Research presented at DEF CON shows that attackers can hijack Wi-Fi and Bluetooth-connected speakers to produce damaging sounds.
6 Security Considerations for Wrangling IoT
Commentary  |  8/12/2019  | 
The Internet of Things isn't going away, so it's important to be aware of the technology's potential pitfalls.
Significant Vulnerabilities Found in 6 Common Printer Brands
News  |  8/9/2019  | 
In a half-year project, two researchers tested six of the top enterprise printer brands and found vulnerabilities in every device, some of which allow remote execution.
Dark Reading News Desk Live at Black Hat USA 2019
News  |  8/8/2019  | 
Watch right here for 40 video interviews with speakers and sponsors. Streaming live from Black Hat USA Wednesday and Thursday 2 p.m. to 6 p.m. Eastern.
Researchers Show Vulnerabilities in Facial Recognition
News  |  8/7/2019  | 
The algorithms that check for a user's 'liveness' have blind spots that can lead to vulnerabilities.
Boeing 787 On-Board Network Vulnerable to Remote Hacking, Researcher Says
News  |  8/7/2019  | 
Boeing disputes IOActive findings ahead of security firm's Black Hat USA presentation.
US Air Force Bug Bounty Program Nets 54 Flaws for $123,000
News  |  8/6/2019  | 
The Air Force brought together 50 vetted hackers to find the vulnerabilities in the latest bug-bounty program hosted by a branch of the US military.
Russian Attack Group Uses Phones & Printers to Breach Corporate Networks
Quick Hits  |  8/6/2019  | 
Microsoft spotted Strontium, also known as APT28 or Fancy Bear, using IoT devices to breach businesses and seek high-value data.
Page 1 / 2   >   >>


Mobile Banking Malware Up 50% in First Half of 2019
Kelly Sheridan, Staff Editor, Dark Reading,  1/17/2020
Exploits Released for As-Yet Unpatched Critical Citrix Flaw
Jai Vijayan, Contributing Writer,  1/13/2020
Microsoft to Officially End Support for Windows 7, Server 2008
Kelly Sheridan, Staff Editor, Dark Reading,  1/13/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
The Year in Security: 2019
This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
Flash Poll
[Just Released] How Enterprises are Attacking the Cybersecurity Problem
[Just Released] How Enterprises are Attacking the Cybersecurity Problem
Organizations have invested in a sweeping array of security technologies to address challenges associated with the growing number of cybersecurity attacks. However, the complexity involved in managing these technologies is emerging as a major problem. Read this report to find out what your peers biggest security challenges are and the technologies they are using to address them.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-7227
PUBLISHED: 2020-01-18
Westermo MRD-315 1.7.3 and 1.7.4 devices have an information disclosure vulnerability that allows an authenticated remote attacker to retrieve the source code of different functions of the web application via requests that lack certain mandatory parameters. This affects ifaces-diag.asp, system.asp, ...
CVE-2019-15625
PUBLISHED: 2020-01-18
A memory usage vulnerability exists in Trend Micro Password Manager 3.8 that could allow an attacker with access and permissions to the victim's memory processes to extract sensitive information.
CVE-2019-19696
PUBLISHED: 2020-01-18
A RootCA vulnerability found in Trend Micro Password Manager for Windows and macOS exists where the localhost.key of RootCA.crt might be improperly accessed by an unauthorized party and could be used to create malicious self-signed SSL certificates, allowing an attacker to misdirect a user to phishi...
CVE-2019-19697
PUBLISHED: 2020-01-18
An arbitrary code execution vulnerability exists in the Trend Micro Security 2019 (v15) consumer family of products which could allow an attacker to gain elevated privileges and tamper with protected services by disabling or otherwise preventing them to start. An attacker must already have administr...
CVE-2019-20357
PUBLISHED: 2020-01-18
A Persistent Arbitrary Code Execution vulnerability exists in the Trend Micro Security 2020 (v160 and 2019 (v15) consumer familiy of products which could potentially allow an attacker the ability to create a malicious program to escalate privileges and attain persistence on a vulnerable system.