IOT
June 11, 2024
IoT Vulnerabilities Skyrocket, Becoming Key Entry Point for Attackers Full Text
Abstract
According to a Forescout report, IoT vulnerabilities have increased by 136% compared to last year. The study analyzed nearly 19 million devices and found that the proportion of IoT devices with vulnerabilities rose from 14% in 2023 to 33% in 2024.Infosecurity Magazine
October 30, 2023
IoT Security Threats Highlight the Need for Zero Trust Principles Full Text
Abstract
The manufacturing sector is particularly vulnerable to IoT malware attacks, experiencing an average of 6,000 attacks per week according to Zscaler, which can disrupt critical OT processes and pose long-term challenges for security teams.Cyware
September 15, 2023
DDoS 2.0: IoT Sparks New DDoS Alert Full Text
Abstract
The Internet of Things (IoT) is transforming efficiency in various sectors like healthcare and logistics but has also introduced new security risks, particularly IoT-driven DDoS attacks. This article explores how these attacks work, why they're uniquely problematic, and how to mitigate them. What Is IoT? IoT (Internet of Things) refers to online, interconnected devices that collect and exchange data. This broad category of devices includes sensors, cameras, network routers, and advanced machinery, and their integration into everyday life and work processes results in an ecosystem that can automate operations, improve decision-making, and enhance user experience. IoT: A Breeding Ground for Botnets IoT's rapid adoption amplifies its vulnerability, as poorly secured devices become easy prey for attackers and may become part of a botnet. Controlled by attackers, botnets can scale and rapidly execute various attacks, including DDoS, data theft, ad fraud, cryptocurrency mining, spam aThe Hacker News
September 14, 2022
Securing your IoT devices against cyber attacks in 5 steps Full Text
Abstract
How is IoT being used in the enterprise, and how can it be secured? We will demonstrate important security best practices and how a secure password policy is paramount to the security of devices.BleepingComputer
August 06, 2022
New IoT RapperBot Malware Targeting Linux Servers via SSH Brute-Forcing Attack Full Text
Abstract
A new IoT botnet malware dubbed RapperBot has been observed rapidly evolving its capabilities since it was first discovered in mid-June 2022. "This family borrows heavily from the original Mirai source code , but what separates it from other IoT malware families is its built-in capability to brute force credentials and gain access to SSH servers instead of Telnet as implemented in Mirai," Fortinet FortiGuard Labs said in a report. The malware, which gets its name from an embedded URL to a YouTube rap music video in an earlier version, is said to have amassed a growing collection of compromised SSH servers, with over 3,500 unique IP addresses used to scan and brute-force their way into the servers. RapperBot's current implementation also delineates it from Mirai, allowing it to primarily function as an SSH brute-force tool with limited capabilities to carry out distributed denial-of-service (DDoS) attacks. The deviation from traditional Mirai behavior is furtherThe Hacker News
August 4, 2022
New IoT Malware Dubbed RapperBot Brute Forces Into SSH Servers Full Text
Abstract
RapperBot is designed to function primarily as an SSH brute-forcer with limited DDoS capabilities. As is typical of most IoT malware, it targets ARM, MIPS, SPARC, and x86 architectures.Fortinet
February 07, 2022
IoT/connected Device Discovery and Security Auditing in Corporate Networks Full Text
Abstract
Today's enterprise networks are complex environments with different types of wired and wireless devices being connected and disconnected. The current device discovery solutions have been mainly focused on identifying and monitoring servers, workstation PCs, laptops and infrastructure devices such as network firewalls, switches and routers, because the most valuable information assets of organizations are being stored, processed and transferred over those devices, hence making them the prime target of security breaches and intrusions. However, a new trend has been emerging in the past four years, where attackers have been targeting purpose-built connected devices such as network printers and video conferencing systems as an entry point and data exfiltration route. These devices cannot be identified properly by the current IT asset discovery solutions for the following main reasons: Proprietary protocols are often used for managing and monitoring such devices that are not knowThe Hacker News
January 5, 2022
Researchers used electromagnetic signals to classify malware infecting IoT devices Full Text
Abstract
Cybersecurity researchers demonstrate how to use electromagnetic field emanations from IoT devices to detect malware. A team of academics (Duy-Phuc Pham, Damien Marion, Matthieu Mastio and Annelie Heuser) from the Research Institute of Computer...Security Affairs
January 03, 2022
Detecting Evasive Malware on IoT Devices Using Electromagnetic Emanations Full Text
Abstract
Cybersecurity researchers have proposed a novel approach that leverages electromagnetic field emanations from the Internet of Things (IoT) devices as a side-channel to glean precise knowledge about the different kinds of malware targeting the embedded systems, even in scenarios where obfuscation techniques have been applied to hinder analysis. With the rapid adoption of IoT appliances presenting an attractive attack surface for threat actors, in part due to them being equipped with higher processing power and capable of running fully functional operating systems, the latest research aims to improve malware analysis to mitigate potential security risks. The findings were presented by a group of academics from the Research Institute of Computer Science and Random Systems (IRISA) at the Annual Computer Security Applications Conference ( ACSAC ) held last month. "[Electromagnetic] emanation that is measured from the device is practically undetectable by the malware," the resThe Hacker News
December 23, 2021
IoT SAFE — An Innovative Way to Secure IoT Full Text
Abstract
By the end of 2021, there will be 12 billion connected IoT devices, and by 2025, that number will rise to 27 billion . All these devices will be connected to the internet and will send useful data that will make industries, medicine, and cars more intelligent and more efficient. However, will all these devices be safe? It's worth asking what you can do to prevent (or at least reduce) becoming a victim of a cybercrime such as data theft or other forms of cybercrime in the future? Will IoT security ever improve? In recent years, the number of security vulnerabilities related to the Internet of Things has increased significantly. Let us start at the very beginning — most IoT devices come with default and publicly disclosed passwords. Moreover, the fact is that there are many cheap and low-capacity Internet of Things devices that lack even the most basic security. And that's not all — security experts are discovering new critical vulnerabilities every day. Numerous IoT devicThe Hacker News
December 22, 2021
Honeypot experiment reveals what hackers want from IoT devices Full Text
Abstract
A three-year-long honeypot experiment featuring simulated low-interaction IoT devices of various types and locations gives a clear idea of why actors target specific devices.BleepingComputer
September 13, 2021
IoT Attacks Ramps up at 2X Speed Full Text
Abstract
According to Kaspersky, the first half of 2021 witnessed 1.5 billion IoT attacks, double the number from the previous year, with a variety of intentions, including mining cryptocurrency and stealing data. Attackers are largely using weak passwords to infect IoT targets. IoT users are recommended to ... Read MoreCyware Alerts - Hacker News
August 17, 2021
Critical bug impacting millions of IoT devices lets hackers spy on you Full Text
Abstract
Security researchers are sounding the alarm on a critical vulnerability affecting tens of millions of devices worldwide connected via ThroughTek's Kalay IoT cloud platform.BleepingComputer
August 2, 2021
UK universities awarded funding for research into IoT, smart home security Full Text
Abstract
A number of British universities have been awarded a grant to explore the security issues surrounding IoT and smart home devices, as well as to determine ways to warn consumers of the risks.The Daily Swig
July 26, 2021
Podcast: IoT Piranhas Are Swarming Industrial Controls Full Text
Abstract
Enormous botnets of IoT devices are going after decades-old legacy systems that are rife in systems that control crucial infrastructure.Threatpost
July 22, 2021
Rise in IoT Malware Attacks Raises Security Concerns Full Text
Abstract
Zscaler analyzed 575 million device transactions, along with 300,000 IoT-specific malware attack attempts. This revealed that IoT malware has witnessed a rise of 700% as compared to pre-pandemic numbers.Cyware Alerts - Hacker News
June 16, 2021
IoT Supply Chain Bug Hits Millions of Cameras Full Text
Abstract
Critical vulnerability could allow attackers to eavesdrop on usersInfosecurity Magazine
May 19, 2021
Can Nanotech Secure IoT Devices From the Inside-Out? Full Text
Abstract
Work’s being done with uber-lightweight nanoagents on every IoT device to stop malicious behavior, such as a scourge of botnet attacks, among other threats.Threatpost
April 26, 2021
IoT Devices Under Constant Cyber Threat Full Text
Abstract
A series of recent attacks on IoT devices implies bigger security risks that hover over them. It is even more concerning for consumers as they are unaware of threats and do not own the resources to mitigate them.Cyware Alerts - Hacker News
April 22, 2021
FIDO launches protocol to secure IoT onboarding to cloud and on-premise management platforms Full Text
Abstract
The FIDO Alliance announced the launch of FIDO Device Onboard protocol, a new, open IoT standard that will enable devices to simply and securely onboard to cloud and on-premise management platforms.Help Net Security
April 21, 2021
UK Government Pressing Ahead with New IoT Law Amid Pandemic Smart Device Surge Full Text
Abstract
The law will impose new obligations on the manufacturers of smart devicesInfosecurity Magazine
April 21, 2021
FIDO Announces New Security Standard for IoT Devices Full Text
Abstract
The protocol is designed to better enable the deployment of IoT devices at scaleInfosecurity Magazine
April 19, 2021
The parallels of pandemic response and IoT security Full Text
Abstract
Because complete isolation is not practical for most networks, network segments, and devices, perimeter controls are needed to limit who and what can get inside the network.Help Net Security
April 14, 2021
‘Digital exhaust’ may be the solution for tracking consumer IoT devices on networks Full Text
Abstract
A technique known as radio frequency (RF) fingerprinting could be leveraged to give unique ID to the billions of rogue IoT devices lurking within home and business networks.SCMagazine
April 8, 2021
Massive increase in endpoint attacks, rising rate of encrypted malware and new exploits targeting IoT Full Text
Abstract
Fileless malware and cryptominer attack rates grew by nearly 900% and 25% respectively, while unique ransomware payloads plummeted by 48% in 2020 compared to 2019, according to WatchGuard.Help Net Security
March 20, 2021
This New Mirai Variant Uses New Vulnerabilities in IoT Devices Full Text
Abstract
This week, cybersecurity researchers disclosed a new wave of ongoing attacks exploiting multiple vulnerabilities to deploy new Mirai variants on internet-connected devices.Cyware Alerts - Hacker News
February 1, 2021
IoT Firmware Security: Zero-Day Exploitation & Prevention Full Text
Abstract
Typically, manufacturers install a software package on the device itself which allows the entire security suite to stem from metrics and instrumentation techniques that run on the device.Check Point Research
January 29, 2021
Firms with exposed IoT have a higher concentration of other security problems Full Text
Abstract
Exposed enterprise IoT devices can be an indicator of security issues to come, with firms sporting exposed devices having a 62% higher density of other security problems, new research shows. For example, companies with exposed IoT are more than 50% more likely to have email security issues, according to a new report and blog post…SCMagazine
January 2, 2021
FBI warns swatting attacks on owners of smart devices Full Text
Abstract
The Federal Bureau Investigation (FBI) is warning owners of smart home devices with voice and video capabilities of 'swatting' attacks. The FBI has recently issued an alert to warn owners of smart home devices with voice and video capabilities of so-called...Security Affairs
December 30, 2020
FBI: Pranksters are hijacking smart devices to live-stream swatting incidents Full Text
Abstract
"Recently, offenders have been using victims' smart devices, including video and audio capable home surveillance devices, to carry out swatting attacks," the FBI said in a PSA published today.ZDNet
December 29, 2020
Swatters hijack smart home devices to watch emergency responders Full Text
Abstract
Weak credentials and login protections come with the risk of swatting for owners of connected devices with video and voice capabilities, warns the U.S. Federal Bureau of Investigation (FBI).BleepingComputer
December 28, 2020
Your new smart car is an IoT device that can be hacked Full Text
Abstract
Connected cars are complex systems composed of numerous units that exchange large amounts of data, and threat actors can manipulate those systems in order to gain control of smart vehicles.CyberNews