Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Latest Content tagged with IoT
Page 1 / 2   >   >>
Mirai Groups Target Business IoT Devices
News  |  7/19/2019  | 
More than 30% of Mirai attacks, and an increasing number of variants of the malicious malare, are going after enterprise IoT devices, raising the stakes for business.
Bluetooth Bug Enables Tracking on Windows 10, iOS & macOS Devices
News  |  7/17/2019  | 
Researchers discover a third-party algorithm in multiple high-profile Bluetooth devices exposes users to third-party tracking and data access.
Industry Insight: Checking Up on Healthcare Security
News  |  7/10/2019  | 
Modern threats putting healthcare organization at risk, how they're improving their security posture, and where many fall short.
Vulnerability Found in GE Anesthesia Machines
Quick Hits  |  7/10/2019  | 
GE Healthcare has released a statement claiming the bug is not in the machine itself and does not pose direct risk to patients.
10 Ways to Keep a Rogue RasPi From Wrecking Your Network
Slideshows  |  7/10/2019  | 
A Raspberry Pi attached to the network at NASA JPL became the doorway for a massive intrusion and subsequent data loss. Here's how to keep the same thing from happening to your network.
Cybercriminals Target Budding Cannabis Retailers
Quick Hits  |  7/9/2019  | 
Companies in the young, rapidly growing industry are targeted for sensitive information they store and immature security practices.
D-Link Agrees to Strengthen Device Security
Quick Hits  |  7/3/2019  | 
A settlement with the FTC should mean comprehensive security upgrades for D-Link routers and IP camera.
NIST Issues IoT Risk Guidelines
Quick Hits  |  6/27/2019  | 
A new report offers the first step toward understanding and managing IoT cybersecurity risks.
New Linux Worm Attacks IoT Devices
Quick Hits  |  6/26/2019  | 
Silex has 'bricked' more than 2,000 Linux-based IoT devices so far.
Raspberry Pi Used in JPL Breach
Quick Hits  |  6/24/2019  | 
NASA report shows exfiltration totaling more than 100 GB of information since 2009.
7 2019 Security Venture Fund Deals You Should Know
Slideshows  |  6/20/2019  | 
2019 has, so far, been a busy year for venture capitalists in the security industry. Here are 7 funding rounds important because of the technologies or market trends they represent.
Insecure Home IoT Devices a Clear and Present Danger to Corporate Security
News  |  6/19/2019  | 
Avast-sponsored study shows wide prevalence of IoT devices, many with weak credentials and other security vulnerabilities.
Power Outage Hits Millions in South America
Quick Hits  |  6/17/2019  | 
The outage, which is not (so far) seen as the result of a cyberattack, still had a significant impact on network and server availability.
Cyberattack Hits Aircraft Parts Manufacturer
Quick Hits  |  6/13/2019  | 
Belgium's Asco has shut down manufacturing around the world, including the US, in response to a major cybersecurity event, but what happened isn't clear.
Cisco Buys Sentryo
News  |  6/6/2019  | 
Cisco is adding the French company's network visibility products to its IoT network lineup.
How to Get the Most Benefits from Biometrics
Commentary  |  6/5/2019  | 
Providing an easy-to-use, uniform authentication experience without passwords is simpler than you may think.
Focusing on Endpoints: 5 Steps to Fight Cybercrime
Commentary  |  5/31/2019  | 
Follow these best practices to strengthen endpoint management strategies and protect company data.
7 Recent Wins Against Cybercrime
Slideshows  |  5/24/2019  | 
The increasing number of successful law enforcement actions and prosecutions suggest that cybercriminals have plenty of reason to be looking over their shoulders.
To Manage Security Risk, Manage Data First
News  |  5/23/2019  | 
At Interop 2019, IT and security experts urged attendees to focus on data asset management as a means of mitigating risk.
Consumer IoT Devices Are Compromising Enterprise Networks
News  |  5/22/2019  | 
While IoT devices continue to multiply, the latest studies show a dangerous lack of visibility into those connected to enterprise networks.
DHS Warns of Data Theft via Chinese-Made Drones
Quick Hits  |  5/20/2019  | 
The drones are reportedly built with parts that can compromise organizations' data and share it on a server accessible to the Chinese government.
When Older Windows Systems Won't Die
News  |  5/17/2019  | 
Microsoft's decision to patch unsupported machines for the critical CVE-2019-0708 flaw is a reminder that XP, 2003, and other older versions of Windows still run in some enterprises.
Introducing the Digital Transformation Architect
Commentary  |  5/15/2019  | 
Bet-the-company transformation that expands the attack surface requires close alignment and leadership across executive, IT and security teams.
Sectigo Buys Icon Labs to Expand IoT Security Platform
Quick Hits  |  5/9/2019  | 
End-to-end IoT security product aims to give manufacturers, systems integrators, and businesses a means to harden device security.
Security Depends on Careful Design
Commentary  |  5/2/2019  | 
Deploying focused edge protection on-site extends security beyond the network level to shield millions of previously exposed devices, apps, and control systems.
Peer-to-Peer Vulnerability Exposes Millions of IoT Devices
News  |  4/29/2019  | 
A flaw in the software used to remotely access cameras and monitoring devices could allow hackers to easily take control of millions of pieces of the IoT.
Malware Makes Itself at Home in Set-Top Boxes
News  |  4/26/2019  | 
Low-cost boxes that promise free TV streaming services often come complete with malware, according to a new study.
Go Medieval to Keep OT Safe
Commentary  |  4/26/2019  | 
When it comes to operational technology and industrial control systems, make sure you're the lord of all you survey.
Regulations, Insider Threat Handicap Healthcare IT Security
News  |  4/25/2019  | 
Healthcare IoT is expanding opportunities for hackers as the sector struggles to keep up security-wise.
Free Princeton Application Provides IoT Traffic Insight
Quick Hits  |  4/19/2019  | 
The application developed by a research group allows users to spot possible IoT security problems.
Why We Need a 'Cleaner Internet'
Commentary  |  4/19/2019  | 
By blocking threats and attacks nearer to their sources, cybersecurity pros could help turn the connected world into a safer place for all.
This Week in Security Funding: Where the Money Went
News  |  4/12/2019  | 
Predictions for cybersecurity investment in 2019 are holding true with funding announcements from four startups.
Stop Mocking & Start Enabling Emerging Technologies
Commentary  |  4/9/2019  | 
Mocking new technology isn't productive and can lead to career disadvantage.
Airports & Operational Technology: 4 Attack Scenarios
Commentary  |  4/2/2019  | 
As OT systems increasingly fall into the crosshairs of cyberattackers, aviation-industry CISOs have become hyper-focused on securing them.
7 Malware Families Ready to Ruin Your IoT's Day
Slideshows  |  3/29/2019  | 
This latest list of Internet of Things miscreants doesn't limit itself to botnets, like Mirai.
Microsoft Tackles IoT Security with New Azure Updates
News  |  3/28/2019  | 
The Azure Security Center for IoT provides teams with an overview of IoT devices and helps monitor their security properties.
Inside Cyber Battlefields, the Newest Domain of War
News  |  3/28/2019  | 
In his Black Hat Asia keynote, Mikko Hypponen explored implications of "the next arms race" and why cyber will present challenges never before seen in warfare.
Hacker AI vs. Enterprise AI: A New Threat
Commentary  |  3/21/2019  | 
Artificial intelligence and machine learning are being weaponized using the same logic and functionality that legitimate organizations use.
DDoS Attack Size Drops 85% in Q4 2018
News  |  3/19/2019  | 
The sharp decline follows an FBI takedown of so-called "booter," or DDoS-for-hire, websites in December 2018.
Norsk Hydro Shuts Plants Amid Ransomware Attack
Quick Hits  |  3/19/2019  | 
The cyberattack, first detected on Monday night, has shut down Norsk's entire global network.
New Mirai Version Targets Business IoT Devices
Quick Hits  |  3/19/2019  | 
The notorious Internet of Things botnet is evolving to attack more types of devices including those found in enterprises.
New IoT Security Bill: Third Time's the Charm?
News  |  3/18/2019  | 
The latest bill to set security standards for connected devices sold to the US government has fewer requirements, instead leaving recommendations to the National Institute of Standards and Technology.
7 Low-Cost Security Tools
Slideshows  |  3/15/2019  | 
Security hardware doesn't have to be expensive or complex to do the job. Here are seven examples of low-cost hardware that could fill a need in your security operations.
Anomaly Detection Techniques: Defining Normal
Commentary  |  3/14/2019  | 
The challenge is identifying suspicious events in training sets where no anomalies are encountered. Part two of a two-part series.
New Malware Shows Marketing Polish
News  |  3/13/2019  | 
A new strain of point-of-sale malware skims credit card numbers and comes via a highly polished marketing campaign.
GPS Spoof Hits Geneva Motor Show
Quick Hits  |  3/13/2019  | 
Incident leaves GPS units showing a location in England and a date 17 years in the future.
The Case for Transparency in End-User License Agreements
Commentary  |  3/13/2019  | 
Why it behooves technology companies to consider EULAs as an opportunity to accurately inform customers about privacy issues and other important information.
NSA, DHS Call for Info Sharing Across Public and Private Sectors
News  |  3/11/2019  | 
Industry leaders debate how government and businesses can work together on key cybersecurity issues.
Georgia's Jackson County Pays $400K to Ransomware Attackers
Quick Hits  |  3/11/2019  | 
The ransomware campaign started March 1 and shut down most of Jackson County's IT systems.
Ultrasound Machine Diagnosed with Major Security Gaps
News  |  3/8/2019  | 
Check Point researchers investigate security risks and point to implications for medical IoT devices.
Page 1 / 2   >   >>


Where Businesses Waste Endpoint Security Budgets
Kelly Sheridan, Staff Editor, Dark Reading,  7/15/2019
US Mayors Commit to Just Saying No to Ransomware
Robert Lemos, Contributing Writer,  7/16/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Building and Managing an IT Security Operations Program
As cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-12815
PUBLISHED: 2019-07-19
An arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3.5b allows for remote code execution and information disclosure without authentication, a related issue to CVE-2015-3306.
CVE-2019-13569
PUBLISHED: 2019-07-19
A SQL injection vulnerability exists in the Icegram Email Subscribers & Newsletters plugin through 4.1.7 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system.
CVE-2019-9228
PUBLISHED: 2019-07-19
** DISPUTED ** An issue was discovered on AudioCodes Mediant 500L-MSBR, 500-MBSR, M800B-MSBR and 800C-MSBR devices with firmware versions F7.20A at least to 7.20A.252.062. The (1) management SSH and (2) management TELNET features allow remote attackers to cause a denial of service (connection slot e...
CVE-2019-12725
PUBLISHED: 2019-07-19
Zeroshell 3.9.0 is prone to a remote command execution vulnerability. Specifically, this issue occurs because the web application mishandles a few HTTP parameters. An unauthenticated attacker can exploit this issue by injecting OS commands inside the vulnerable parameters.
CVE-2019-11989
PUBLISHED: 2019-07-19
A security vulnerability in HPE IceWall SSO Agent Option and IceWall MFA (Agent module ) could be exploited remotely to cause a denial of service. The versions and platforms of Agent Option modules that are impacted are as follows: 10.0 for Apache 2.2 on RHEL 5 and 6, 10.0 for Apache 2.4 on RHEL 7, ...