Archive for the ‘software’ Category

Five Billion Tests Later: IoT and Industrial Control System Protocols Raise Alarms

August 9th, 2017

In-brief: Close to five billion “fuzzing” tests conducted during 2016 reveal protocols used by industrial control systems, vehicles and Internet of Things devices to be weaker, on average, with many crashing hundreds of times and revealing vulnerabilities that could be used by malicious actors.  A study of 4.8 billion automated…

Read the whole entry… »

Related Stories

Posted in connected devices, critical infrastructure, fuzzing, Internet of things, protocol, published research, Reports, software, software development, supply chain, survey, Top Stories, trends, vulnerabilities | Comments (0)

With an Eye on IoT Security ARM buys Simulity for $15m

July 14th, 2017

In-brief: ARM’s purchase of Simulity adds the ability to do over the air updates to embedded SIM chips and highlights ARM’s efforts to build out security and management at IoT scale.  A tiny deal this week by ARM could have a big impact on the security of the Internet of Things. The company, which makes a wide range of low power…

Read the whole entry… »

Related Stories

Posted in ARM, connected devices, hardware, harman, Internet of things, M&A, mirai, Network, OTA update, over the air update, Patching, Platform, sensor, SIM card, smart infrastructure, software, Top Stories | Comments (0)

Robot Problems: Research Reveals Cybersecurity Woes

March 1st, 2017

In-brief: a report by the firm IOActive warns that industrial and home robots may be vulnerable to remote, software based attacks.  The term “robot” comes from the Czech word robota, meaning “forced labor.” And, while we might like to think of them as aspirational creations – marvels of engineering and maybe even…

Read the whole entry… »

Posted in hardware, IOActive, Reports, robot, Robotics, software, surgical robot, Top Stories, trends, vulnerabilities | Comments (0)

Beyond the CES Hype: No Easy Fixes for Security and Privacy Woes

January 6th, 2017

In-brief:Security and privacy risks from connected devices are likely to persist, with no easy fix for what experts agree are widespread problems. The annual Consumer Electronics Show kicked off this week in Las Vegas – the show’s 50th year and bigger than ever. Some 3,800 companies are on hand, more than 100,000 attendees and 2.6 million square feet of exhibit space. Smart devices designed to be connected to the Internet of Things are all the rage again this year. Smart TVs and mobile phones are in abundance, of course, but there’s a dizzying array of other gear, too, ranging from a smart washer and dryer from Samsung to wearable technology to a concept car by Bosch that features face recognition and gesture control. But behind the glitz and excitement of new products, features and capabilities lurk serious security and privacy concerns that experts agree will not be easy to resolve. Among […]


Definitive Guide to DLP

Posted in CES, conferences, connected devices, Internet of things, Mobile, Mobile Threats, Online Trust Association, Senrio, Senrio (Xipiter), software, Top Stories | Comments (0)

IBM Launches Watson Internet of Things Consulting Practice

November 23rd, 2016

In-brief: IBM unveiled IoT focused consulting services to encourage use of its Watson IoT platform. The company is targeting industries including automotive, insurance, retail and electronics.  A note over at eWeek that IBM this week unveiled a new Watson IoT (Internet of Things) Consulting Solution. The full IBM announcement can be found here. The new consulting services will make a network of some 1,500 experts available at centers around the globe to help IBM customers develop Internet of Things products that use its Watson IoT platform, IBM said. Among them: data scientists. design and security experts. IBM is targeting industries such as automotive, electronics, industrial products, insurance, retail, telecommunications and transportation, the company said. The Watson IoT platform comprises a range of features, including software development kits (SDKs) that link it to IBM’s Bluemix cloud platform, IBM’s blockchain platform, data from the company’s Weather Company division and more. Recently, the company has added […]


Definitive Guide to DLP

Posted in automobile, Automotive, Big Data, electronics, Insurance, Internet of things, machine learning, Platform, software, standards, Top Stories, watson, Watson IoT | Comments (0)

Flaw in Unity Pro Poses Major Headaches for Industrial Control Networks

October 26th, 2016

In-brief: a serious and remotely exploitable flaw in software from the firm Schneider Electric poses serious security risks for industrial control environments, according to a report by the firm Indegy. A serious and remotely exploitable flaw in software from the firm Schneider Electric poses serious security risks for industrial control environments, according to a report by the firm Indegy. A vulnerability discovered in Unity Pro, management software sold by Schneider, allows any user with access to the system to run code on any computer on which the software is installed, Indegy said. Practically, the flaw has a wide reach: the vulnerable software tool runs on engineering workstations used in every control network in the world that uses Schneider-Electric controllers. As such, the vulnerability impacts “virtually any process controlled by these PLCs,” Indegy said, referring to Schneider Electric’s programmable logic controllers. “Since Schneider Electric is one of the largest industrial control equipment providers, this vulnerability […]


Definitive Guide to DLP

Posted in critical infrastructure, ICS-CERT, Internet of things, Reports, SCADA - ICS, Schneider Electric, software, trends, vulnerabilities | Comments (0)

Lightbulbs, Thermostats and Cameras Oh My! Smart Devices Undermining Corporate Security

October 25th, 2016

In-brief: Smart, connected devices from closed circuit cameras to printers and thermostats are undermining the security of businesses, providing possible paths for hackers onto corporate networks, according to a study by the firm ForeScout.  Smart, connected devices from closed circuit cameras to printers and thermostats are undermining the security of businesses, providing possible paths for hackers onto corporate networks, according to a study by the firm ForeScout. The study, conducted by noted independent researcher Samy Kamkar, identified seven IoT devices that can be hacked in as little as three minutes, including IP cameras, environmental controls, multi function printers, Voice over IP (VoIP) phones – even “smart” connected light bulbs. Easy to hack, the devices can take days or weeks to remediate, ForeScout said. The devices can become entry points for corporations that malicious hackers use to compromise business networks, said Pedro Abreu, ForeScout’s Chief Strategy Officer. “All these devices have credentials for […]


Definitive Guide to DLP

Posted in biomedical devices, connected devices, critical infrastructure, Infograph, Internet of things, Network, published research, Reports, software, Top Stories | Comments (0)

Code Blue: Thousands of Bugs Found on Medical Monitoring System

July 26th, 2016

In-brief: The Department of Homeland Security warned of hundreds of vulnerabilities in a hospital monitoring system sold by Philips. Security researchers who studied the system said the security holes may number in the thousands. Security researchers analyzing a critical piece of equipment used to monitor patients in hospitals have uncovered thousands of vulnerabilities on the system, including 272 in the monitoring system itself and hundreds more in third-party components that run alongside it. The Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) issued an alert on July 14 about the discovery of 460 vulnerabilities in the Philips Xper-IM Connect system, including 360 with a severity rating of “high” or “critical” severity. But an interview with one of the researchers who analyzed the Xper system said that the true number of vulnerabilities was much higher, numbering in the thousands. Xper IM Connect is a “physiomonitoring” system that is widely used in the […]


Definitive Guide to DLP

Posted in biomedical devices, connected devices, DHS, ICS-CERT, Internet of things, medical devices, Network, Philips, remote code execution, Reports, software, vulnerabilities, Whitescope | Comments (0)