Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
News & Commentary
A Safer IoT Future Must Be a Joint Effort
Sivan Rauscher, CEO & Co-Founder, SAM Seamless NetworkCommentary
We're just at the beginning of an important conversation about the future of our homes and cities, which must involve both consumers and many players in the industry
By Sivan Rauscher CEO & Co-Founder, SAM Seamless Network, 9/20/2019
Comment0 comments  |  Read  |  Post a Comment
California's IoT Security Law Causing Confusion
Robert Lemos, Contributing WriterNews
The law, which goes into effect January 1, requires manufacturers to equip devices with 'reasonable security feature(s).' What that entails is still an open question.
By Robert Lemos Contributing Writer, 9/19/2019
Comment0 comments  |  Read  |  Post a Comment
15K Private Webcams Could Let Attackers View Homes, Businesses
Dark Reading Staff, Quick Hits
Webcams could be potentially accessed and manipulated by anyone with an Internet connection, researchers say.
By Dark Reading Staff , 9/17/2019
Comment0 comments  |  Read  |  Post a Comment
Cartoon Contest: Bedtime Stories
John Klossner, Cartoonist
Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card.
By John Klossner Cartoonist, 9/4/2019
Comment10 comments  |  Read  |  Post a Comment
Securing Our Infrastructure: 3 Steps OEMs Must Take in the IoT Age
Vivek Shah, Senior Product Director at SyncronCommentary
Security has lagged behind adoption of the Internet of Things. The devices hold much promise, but only if a comprehensive security model is constructed.
By Vivek Shah Senior Product Director at Syncron, 8/28/2019
Comment0 comments  |  Read  |  Post a Comment
Unsecured IoT: 8 Ways Hackers Exploit Firmware Vulnerabilities
Terry Dunlap, Co-Founder & Chief Strategy Officer, ReFirm LabsCommentary
As new Internet of Things products enter the market, speed shouldn't trump concerns about security.
By Terry Dunlap Co-Founder & Chief Strategy Officer, ReFirm Labs, 8/27/2019
Comment8 comments  |  Read  |  Post a Comment
Consumers Urged to Secure Their Digital Lives
Robert Lemos, Contributing WriterNews
Security options for consumers improve as Internet of Things devices invade homes and data on consumers proliferates online.
By Robert Lemos Contributing Writer, 8/27/2019
Comment1 Comment  |  Read  |  Post a Comment
Aviation Faces Increasing Cybersecurity Scrutiny
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Some aviation experts and security researchers are trying to foster closer alliances for securing airplane networks.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 8/22/2019
Comment4 comments  |  Read  |  Post a Comment
VxWorks TCP/IP Stack Vulnerability Poses Major Manufacturing Risk
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
A new analysis shows the scale of risk posed by networking vulnerabilities in a popular embedded real-time operating system.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 8/19/2019
Comment0 comments  |  Read  |  Post a Comment
Behind the Scenes at ICS Village
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
ICS Village co-founder Bryson Bort reveals plans for research-dedicated events that team independent researchers, critical infrastructure owners, and government specialists.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 8/16/2019
Comment0 comments  |  Read  |  Post a Comment
Apple's New Bounty Program Has Huge Incentives, Big Risks
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
Industry observers applaud the program's ability to find exploits but fear unintended consequences.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 8/13/2019
Comment0 comments  |  Read  |  Post a Comment
Hackers Can Hurt Victims with Noise
Dark Reading Staff, Quick Hits
Research presented at DEF CON shows that attackers can hijack Wi-Fi and Bluetooth-connected speakers to produce damaging sounds.
By Dark Reading Staff , 8/12/2019
Comment0 comments  |  Read  |  Post a Comment
6 Security Considerations for Wrangling IoT
Prabhuram Mohan, Senior Director of Engineering at WhiteHat SecurityCommentary
The Internet of Things isn't going away, so it's important to be aware of the technology's potential pitfalls.
By Prabhuram Mohan Senior Director of Engineering at WhiteHat Security, 8/12/2019
Comment0 comments  |  Read  |  Post a Comment
Significant Vulnerabilities Found in 6 Common Printer Brands
Robert Lemos, Contributing WriterNews
In a half-year project, two researchers tested six of the top enterprise printer brands and found vulnerabilities in every device, some of which allow remote execution.
By Robert Lemos Contributing Writer, 8/9/2019
Comment0 comments  |  Read  |  Post a Comment
Dark Reading News Desk Live at Black Hat USA 2019
Sara Peters, Senior Editor at Dark ReadingNews
Watch right here for 40 video interviews with speakers and sponsors. Streaming live from Black Hat USA Wednesday and Thursday 2 p.m. to 6 p.m. Eastern.
By Sara Peters Senior Editor at Dark Reading, 8/8/2019
Comment1 Comment  |  Read  |  Post a Comment
Researchers Show Vulnerabilities in Facial Recognition
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
The algorithms that check for a user's 'liveness' have blind spots that can lead to vulnerabilities.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 8/7/2019
Comment1 Comment  |  Read  |  Post a Comment
Boeing 787 On-Board Network Vulnerable to Remote Hacking, Researcher Says
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Boeing disputes IOActive findings ahead of security firm's Black Hat USA presentation.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 8/7/2019
Comment0 comments  |  Read  |  Post a Comment
US Air Force Bug Bounty Program Nets 54 Flaws for $123,000
Robert Lemos, Contributing WriterNews
The Air Force brought together 50 vetted hackers to find the vulnerabilities in the latest bug-bounty program hosted by a branch of the US military.
By Robert Lemos Contributing Writer, 8/6/2019
Comment1 Comment  |  Read  |  Post a Comment
Russian Attack Group Uses Phones & Printers to Breach Corporate Networks
Dark Reading Staff, Quick Hits
Microsoft spotted Strontium, also known as APT28 or Fancy Bear, using IoT devices to breach businesses and seek high-value data.
By Dark Reading Staff , 8/6/2019
Comment1 Comment  |  Read  |  Post a Comment
US Utilities Hit with Phishing Attack
Dark Reading Staff, Quick Hits
An email phishing attack, thought to be from a nation-state actor, claims that engineers have failed licensing exams.
By Dark Reading Staff , 8/2/2019
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by lboettger537
Current Conversations Don't let the (bed) bugs byte.
In reply to: Bugs
Post Your Own Reply
More Conversations
US Turning Up the Heat on North Korea's Cyber Threat Operations
Jai Vijayan, Contributing Writer,  9/16/2019
MITRE Releases 2019 List of Top 25 Software Weaknesses
Kelly Sheridan, Staff Editor, Dark Reading,  9/17/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "He's too shy to invite me out face to face!"
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-16649
PUBLISHED: 2019-09-21
On Supermicro H11, H12, M11, X9, X10, and X11 products, a combination of encryption and authentication problems in the virtual media service allows capture of BMC credentials and data transferred over virtual media devices. Attackers can use captured credentials to connect virtual USB devices to the...
CVE-2019-16650
PUBLISHED: 2019-09-21
On Supermicro X10 and X11 products, a client's access privileges may be transferred to a different client that later has the same socket file descriptor number. In opportunistic circumstances, an attacker can simply connect to the virtual media service, and then connect virtual USB devices to the se...
CVE-2019-15138
PUBLISHED: 2019-09-20
The html-pdf package 2.2.0 for Node.js has an arbitrary file read vulnerability via an HTML file that uses XMLHttpRequest to access a file:/// URL.
CVE-2019-6145
PUBLISHED: 2019-09-20
Forcepoint VPN Client for Windows versions lower than 6.6.1 have an unquoted search path vulnerability. This enables local privilege escalation to SYSTEM user. By default, only local administrators can write executables to the vulnerable directories. Forcepoint thanks Peleg Hadar of SafeBreach Labs ...
CVE-2019-6649
PUBLISHED: 2019-09-20
F5 BIG-IP 15.0.0, 14.1.0-14.1.0.6, 14.0.0-14.0.0.5, 13.0.0-13.1.1.5, 12.1.0-12.1.4.1, 11.6.0-11.6.4, and 11.5.1-11.5.9 and Enterprise Manager 3.1.1 may expose sensitive information and allow the system configuration to be modified when using non-default ConfigSync settings.