Archive for the ‘trends’ Category

Five Billion Tests Later: IoT and Industrial Control System Protocols Raise Alarms

August 9th, 2017

In-brief: Close to five billion “fuzzing” tests conducted during 2016 reveal protocols used by industrial control systems, vehicles and Internet of Things devices to be weaker, on average, with many crashing hundreds of times and revealing vulnerabilities that could be used by malicious actors.  A study of 4.8 billion automated…

Read the whole entry… »

Related Stories

Posted in connected devices, critical infrastructure, fuzzing, Internet of things, protocol, published research, Reports, software, software development, supply chain, survey, Top Stories, trends, vulnerabilities | Comments (0)

Security Ledger Voted Top Infosec Podcast

March 13th, 2017

In-brief: The Security Ledger Podcast had the honor of being named one of the 35 top podcasts covering information security. In honor of that honor, we’re reprising some of our most popular broadcasts from recent months.  The Security Ledger Podcast had the honor of being named one of the 35 top podcasts covering information security! The…

Read the whole entry… »

Posted in Breaking Security News, Digital Guardian, Podcasts, Reports, standards, Top Stories, trends | Comments (0)

Robot Problems: Research Reveals Cybersecurity Woes

March 1st, 2017

In-brief: a report by the firm IOActive warns that industrial and home robots may be vulnerable to remote, software based attacks.  The term “robot” comes from the Czech word robota, meaning “forced labor.” And, while we might like to think of them as aspirational creations – marvels of engineering and maybe even…

Read the whole entry… »

Posted in hardware, IOActive, Reports, robot, Robotics, software, surgical robot, Top Stories, trends, vulnerabilities | Comments (0)

Amazon, Microchip team on chip to protect IoT | IEEE Spectrum

December 26th, 2016

In-brief: MicroChip and Amazon are partnering on a chip designed to pair with Amazon’s IoT cloud and provide cryptographically strong identities for IoT devices. There is an interesting piece on a collaboration between Microchip Technology and Amazon.com on a chip that’s designed to work with Amazon’s cloud services and protect connected devices from certain forms of attack. According to the article, the two firms are marketing an add-on chip called the AWS-ECC508 that works with Amazon’s IoT Cloud, creating a cryptographically secure path between IoT endpoint, cloud services and end user. From the article: The AWS-ECC508 is designed to provide end-to-end security between the IoT device and the cloud infrastructure. It does this by leveraging Amazon’s mutual authentication system, which verifies the identity of the cloud service and the device before any data or commands are accepted. The identities are based on cryptographic keys. Until now, creating such cryptographic identities […]


Definitive Guide to DLP

Posted in amazon, Amazon Web Services, connected devices, hardware, Internet of things, Microchip, Platform, processors, sensor, Top Stories, trends | Comments (0)

Flaw in Unity Pro Poses Major Headaches for Industrial Control Networks

October 26th, 2016

In-brief: a serious and remotely exploitable flaw in software from the firm Schneider Electric poses serious security risks for industrial control environments, according to a report by the firm Indegy. A serious and remotely exploitable flaw in software from the firm Schneider Electric poses serious security risks for industrial control environments, according to a report by the firm Indegy. A vulnerability discovered in Unity Pro, management software sold by Schneider, allows any user with access to the system to run code on any computer on which the software is installed, Indegy said. Practically, the flaw has a wide reach: the vulnerable software tool runs on engineering workstations used in every control network in the world that uses Schneider-Electric controllers. As such, the vulnerability impacts “virtually any process controlled by these PLCs,” Indegy said, referring to Schneider Electric’s programmable logic controllers. “Since Schneider Electric is one of the largest industrial control equipment providers, this vulnerability […]


Definitive Guide to DLP

Posted in critical infrastructure, ICS-CERT, Internet of things, Reports, SCADA - ICS, Schneider Electric, software, trends, vulnerabilities | Comments (0)

Flaw In D-Link Software Affects 400K Devices

July 8th, 2016

In-brief: A vulnerability in software by device maker D-Link is much more widespread than initially believed, affecting hundreds of thousands of Internet connected devices, including cameras, home routers, wireless access points and network attached storage. A vulnerability in software by device maker D-Link is much more widespread than initially believed, affecting hundreds of thousands of Internet connected devices, including cameras, home routers, wireless access points and network attached storage. The security firm Senrio said on Thursday that a vulnerability it first disclosed in June in D-Link’s DCS-930L Network Cloud Camera also affects “a huge range of products” made by that company. More than 120 models across Connected Home Products, including cameras, routers, access points, modems, and storage, are affected by this single vulnerability, Senrio said in a statement. As many as 400,000 D-Link devices that are accessible from the public Internet are vulnerable to remote attack as a result of the remote code […]


Definitive Guide to DLP

Posted in broadband router, cameras, critical infrastructure, customer premises equipment (CPE), d-link, embedded device, hardware, home gateway, Internet of things, NAS, Patching, router, Senrio (Xipiter), supply chain, Switch, system on chip, trends, vulnerabilities | Comments (0)