News & Commentary

Latest Content tagged with IoT
Page 1 / 2   >   >>
Nearly 2/3 of Industrial Companies Lack Security Monitoring
Quick Hits  |  12/6/2017  | 
New Honeywell survey shows more than half of industrial sector organizations have suffered cyberattacks.
The Rising Dangers of Unsecured IoT Technology
Commentary  |  12/4/2017  | 
As government regulation looms, the security industry must take a leading role in determining whether the convenience of the Internet of Things is worth the risk and compromise of unsecured devices.
Hacked IV Pumps and Digital Smart Pens Can Lead to Data Breaches
News  |  12/4/2017  | 
Researcher to reveal IoT medical device dangers at Black Hat Europe this week.
Mobile Malware Incidents Hit 100% of Businesses
News  |  11/17/2017  | 
Attempted malware infections against BYOD and corporate mobile devices are expected to continue to grow, new data shows.
Stealthy Android Malware Found in Google Play
News  |  11/15/2017  | 
Eight apps found infected with a new Trojan family that ups the ante in obfuscation with four payload stages.
Who Am I? Best Practices for Next-Gen Authentication
Commentary  |  11/15/2017  | 
By their very nature, antiquated, static identifiers like Social Security numbers and dates of birth are worse than passwords.
Enterprise Physical Security Drives IoT Adoption
News  |  11/14/2017  | 
The vast majority of respondents to a new survey are deploying IoT technologies for building safety in the form of security cameras.
ADT Expands Cybersecurity Business with Purchase of Datashield
News  |  11/14/2017  | 
Home and business security giant launches ADT Cybersecurity to offer managed detection and response (MDR) service.
Cybersecurity Staffing Shortage Tied to Cyberattacks, Data Breaches
News  |  11/9/2017  | 
Short-staffed cybersecurity teams contribute to data breaches and cyberattacks levied against their organizations, a survey finds.
The IoT Blindspot
News  |  11/8/2017  | 
Confusion over whether IT staff or line of business professions are responsible for IoT management and security plays big role in a lack of visibility into those devices.
Cybercriminals Employ 'Driveby' Cryptocurrency Mining
News  |  11/8/2017  | 
Mining digital coins is a legal activity, but cybercriminals have discovered a new way to inject malware to perform the task.
Majority of US Companies' DDoS Defenses Breached
Quick Hits  |  11/7/2017  | 
Survey finds 69% of companies' distributed denial-of-service attack defenses were breached in the past year - despite confidence in their mitigation technologies.
DDoS Flaw Found in Brother Printers
Quick Hits  |  11/6/2017  | 
All Brother printers with a Debut Web front-end carry a flaw that allows attackers to distribute a single malformed HTTP POST request, researchers revealed today.
8 Older Companies Doing New Things in Security
Slideshows  |  11/6/2017  | 
These organizations have been around for a while but aren't slowing down on security releases.
10 Mistakes End Users Make That Drive Security Managers Crazy
Slideshows  |  11/2/2017  | 
Here's a list of common, inadvertent missteps end users make that can expose company data.
iPhone 7, Samsung Galaxy S8, Others Hacked in Pwn2Own
Quick Hits  |  11/1/2017  | 
Researchers participating in the Mobile Pwn2Own 2017 competition developed exploits for the iPhone 7, Samsung Galaxy S8, and others.
Inmarsat Disputes IOActive Reports of Critical Flaws in Ship SATCOM
News  |  10/26/2017  | 
Satellite communications provider says security firm's narrative about vulnerabilities in its AmosConnect 8 shipboard email service is overblown.
'Reaper' IoT Botnet Likely a DDoS-for-Hire Tool
Quick Hits  |  10/26/2017  | 
Latest IoT botnet commandeers 10,000 to 20,000 devices with an additional 2 million hosts identified.
A Checklist for Securing the Internet of Things
Commentary  |  10/26/2017  | 
IoT devices promise endless benefits, but they also come with serious security issues. Use this checklist to make sure your company stays safe.
Google Play Bug Bounty Program Debuts
Quick Hits  |  10/23/2017  | 
Google teams up with HackerOne to create the Google Play Security Reward Program.
IOTroop Botnet Hits Over a Million Organizations in Under 30 Days
Quick Hits  |  10/20/2017  | 
The IoT botnet is expected to spread faster than Mirai.
Oracle Fixes 20 Remotely Exploitable Java SE Vulns
News  |  10/18/2017  | 
Quarterly update for October is the smallest of the year: only 252 flaws to fix! Oracle advises to apply patches 'without delay.'
The Future of Democratic Threats is Digital
News  |  10/18/2017  | 
Public policy and technological challenges take center stage as security leaders discuss digital threats to democracy.
Banks Start Broad Use of Blockchain, as JP Morgan, IBM Lead Way
News  |  10/17/2017  | 
Two major players announced cross-border payment networks built on blockchain technologies Monday, and more financial services will follow soon, despite opinions about Bitcoin.
Printers: The Weak Link in Enterprise Security
News  |  10/16/2017  | 
Organizations frequently overlook printer security, leaving systems exposed to malware and theft. New tools aim to lessen the risk.
IoT: Insecurity of Things or Internet of Threats?
News  |  10/11/2017  | 
Security leaders call for device manufacturers to buckle down on device security as the Internet of Things evolves.
New 4G, 5G Network Flaw 'Worrisome'
News  |  10/9/2017  | 
Weaknesses in the voice and data convergence technology can be exploited to allow cybercriminals to launch DoS attacks and hijack mobile data.
Caterpillar Eyes Competitive Edge with Connected Asset Security Program
News  |  9/27/2017  | 
Launches program to incorporate security by design and a strategic governance policy across all of its IoT products.
SMBs Paid $301 Million to Ransomware Attackers
Quick Hits  |  9/21/2017  | 
But small- to midsized businesses are taking a tougher stand against ransomware attacks, according to a survey released today of the 2016-2017 period.
Get Serious about IoT Security
Commentary  |  9/20/2017  | 
These four best practices will help safeguard your organization in the Internet of Things.
10 Hot Cybersecurity Funding Rounds in Q3
Slideshows  |  9/20/2017  | 
The first two quarters of 2017 have been the most active ever in five years from a cybersecurity investment standpoint. Here's how the third quarter has shaped up.
Microsoft's Azure 'Confidential Computing' Encrypts Data in Use
News  |  9/14/2017  | 
Early Access program under way for new Azure cloud security feature.
The Hunt for IoT: The Rise of Thingbots
Partner Perspectives  |  9/14/2017  | 
Across all of our research, every indication is that todays "thingbots" botnets built exclusively from Internet of Things devices will become the infrastructure for a future Darknet.
Tesla Hacks: The Good, The Bad, & The Ugly
Tesla Hacks: The Good, The Bad, & The Ugly
Dark Reading Videos  |  9/12/2017  | 
Keen Security Lab found multiple holes in the isolation layer Tesla uses to protect drive systems from infotainment systems, but were impressed by the auto company's security in other ways.
Attacking Data Integrity & Hacking Radiation Monitoring Devices
Attacking Data Integrity & Hacking Radiation Monitoring Devices
Dark Reading Videos  |  9/8/2017  | 
Ruben Santamarta shows radio-based vulnerabilities and investigates how the integrity of critical data can be manipulated to simulate, complicate or exacerbate emergency situations.
10% of Ransomware Attacks on SMBs Targeted IoT Devices
News  |  9/7/2017  | 
IoT ransomware attacks are expected to ramp up in the coming years, a new survey shows.
Workplace IoT Puts Companies on Notice for Smarter Security
Commentary  |  9/6/2017  | 
Blacklisting every "thing" in sight and banning connections to the corporate network may sound tempting, but it's not a realistic strategy.
Mikko Hypponen's Vision of the Cybersecurity Future
Mikko Hypponen's Vision of the Cybersecurity Future
Dark Reading Videos  |  9/4/2017  | 
Twenty years from now, will everything be in the Internet of Things, and if so, how does the security industry need to prepare? F-Secure's chief research officer weighs in on this and what else the future promises (and threatens).
Using Market Pressures to Improve Cybersecurity
Using Market Pressures to Improve Cybersecurity
Dark Reading Videos  |  8/31/2017  | 
Post-MedSec, Chris Wysopal discusses what impact the investor community -- if not consumers -- can have on squashing vulnerabilities and improving cybersecurity.
St. Jude Pacemaker Gets Firmware Update 'Intended as a Recall'
News  |  8/30/2017  | 
The devices that were the subject of a vulnerability disclosure debate last summer now have an FDA-approved fix.
7 Things to Know About Today's DDoS Attacks
Slideshows  |  8/30/2017  | 
DDoS attacks are no longer something that just big companies in a few industries need to worry about. They have become a threat to every business.
IoTCandyJar: A HoneyPot for any IoT Device
IoTCandyJar: A HoneyPot for any IoT Device
Dark Reading Videos  |  8/29/2017  | 
Palo Alto Networks researchers explain how they designed an affordable, behavior-based honeypot to detect attacks on an IoT device -- any kind of IoT device.
Insecure IoT Devices Pose Physical Threat to General Public
Insecure IoT Devices Pose Physical Threat to General Public
Dark Reading Videos  |  8/24/2017  | 
At the car wash, look out for attack robots. Billy Rios discusses how IoT devices could be hacked to physically attack people -- not just on factory floors, but in everyday public settings.
IoT Medical Devices a Major Security Worry in Healthcare, Survey Shows
News  |  8/15/2017  | 
Healthcare providers, manufacturers, and regulators say cybersecurity risks of IoT medical devices and connected legacy systems a top concern.
Cybersecurity: The Responsibility of Everyone
Commentary  |  8/15/2017  | 
The battle against cybercrime can only be won if we're all focused on the same goals. Here are four ways you can get involved.
Taking Down the Internet Has Never Been Easier
Commentary  |  8/10/2017  | 
Is there a reason why the Internet is so vulnerable? Actually, there are many, and taking steps to remain protected is crucial.
SMBs Practice Better IoT Security Than Large Enterprises Do
News  |  8/9/2017  | 
Small-to midsized businesses are more prepared than big ones to face the next IoT attack: good news given the sharp rise in IoT botnet attacks in the first half of 2017, new reports released today show.
Uptick in Malware Targets the Banking Community
Commentary  |  8/9/2017  | 
A number of recent attacks, using tactics old and new, have made off with an astonishing amount of money. How can financial institutions fight back?
Automating Defenses Against Assembly-Line Attacks
Commentary  |  8/8/2017  | 
A manual approach just won't cut it anymore. Here's a toolset to defeat automation and unify control across all attack vectors to stop automated attacks.
Voting System Hacks Prompt Push for Paper-Based Voting
News  |  8/7/2017  | 
DEF CON's Voting Machine Hacker Village hacks confirmed security experts' worst fears.
Page 1 / 2   >   >>


5 Reasons the Cybersecurity Labor Shortfall Won't End Soon
Steve Morgan, Founder & CEO, Cybersecurity Ventures,  12/11/2017
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Gee, these virtual reality goggles work great!!! 
Current Issue
The Year in Security: 2017
A look at the biggest news stories (so far) of 2017 that shaped the cybersecurity landscape -- from Russian hacking, ransomware's coming-out party, and voting machine vulnerabilities to the massive data breach of credit-monitoring firm Equifax.
Flash Poll
[Strategic Security Report] Cloud Security's Changing Landscape
[Strategic Security Report] Cloud Security's Changing Landscape
Cloud services are increasingly becoming the platform for mission-critical apps and data. Heres how enterprises are adapting their security strategies!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.