Software Security

Archive for the 'Internet of Things' Category

 

The countdown to codenomi-con USA 2017 is on!

Join the Synopsys team as we host the world’s most exclusive cybersecurity event at the House of Blues inside of Mandalay Bay in Las Vegas on Tuesday, July 25. In addition to an evening of networking and entertainment, our thought leadership program will include presentations on DevOps security, IoT, and building security into your SDLC. […]

Continue Reading...

Posted in DevOps, Featured, Internet of Things, Security Conference or Event, Software Development Life Cycle (SDLC) | Comments Off on The countdown to codenomi-con USA 2017 is on!

 

What happens when dishwashers attack the network?

Last month a researcher announced that a commercial dishwashing machine contained a dangerous vulnerability allowing a remote attacker to gain access to privileged assets on a connected network. Jens Regel of the German company Schneider-Wulf made the vulnerability public on Full Disclosure after contacting the vendor and waiting the customary 90 days. The vendor, Miele, has […]

Continue Reading...

Posted in Internet of Things, Network Security, Software Development Life Cycle (SDLC), Software Security Testing | Comments Off on What happens when dishwashers attack the network?

 

The connected toy conundrum is beginning to boil

Originally posted on SecurityWeek.  The prediction business is a tricky thing. You can be right, but until you are proven right, you’re either early or wrong. Being early feels just like being wrong–up until the moment you are right. When toymaker VTech announced in November 2015 that nearly five million customer records had been leaked […]

Continue Reading...

Posted in Application Security, Internet of Things | Comments Off on The connected toy conundrum is beginning to boil

 

Embedded World and CodenomiCON Europe 2017 will kick your IoT security into high gear

Each year the Embedded World Exhibition and Conference in Nuremberg offers the embedded community an opportunity to gather information about new products and innovations, and to develop valuable contacts with others in the industry. An estimated 930 exhibitors will be presenting state-of-the-art embedded technologies at this year’s event. Embedded World Conference 2017 Join us in […]

Continue Reading...

Posted in Embedded Software Testing, Internet of Things, Security Conference or Event | Comments Off on Embedded World and CodenomiCON Europe 2017 will kick your IoT security into high gear

 

Internet of Things (IoT): Rethinking the threat model

On February 4, 2017, a Saturday night, a high-school student in the U.K. realized he wasn’t going to university to study computer science so he wrote a short program in C, and within a few hours had 150,000 internet-connected printers across the world spitting out ASCII art and messages. All this was harmless although the […]

Continue Reading...

Posted in Internet of Things, Software Composition Analysis, Software Security Testing, Threat Modeling | Comments Off on Internet of Things (IoT): Rethinking the threat model

 

Minecraft and the Mirai IoT botnet connection

Gamers, warring over turf, may have launched the Mirai botnet, according to research by KrebsonSecurity. On Wednesday, Brian Krebs published a long and detailed article explain his month’s long investigation into the author of the Mirai botnet which was used to darken the internet for much of North America for several hours in October. The […]

Continue Reading...

Posted in Internet of Things, Vulnerability Assessment | Comments Off on Minecraft and the Mirai IoT botnet connection

 

Researcher finds some airline infotainment systems vulnerable

The inflight services that allow passengers to enjoy movies and music on their flights might also allow clever individuals to change cabin lighting. In an article in the Telegraph Ruben Santamarta, principle security consultant at IOActive, said he could access the in-flight system from Panasonic Avionics. He claimed he could hack its on-board displays. He […]

Continue Reading...

Posted in Internet of Things | Comments Off on Researcher finds some airline infotainment systems vulnerable

 

Yes, Virginia, smart televisions can get ransomware

Over the holidays, a software engineer disclosed to Twitter that a family member had contracted ransomware on their smart TV. Software engineer Darren Cauthon said his wife had downloaded an app and was in the process of watching a movie when the TV froze. He rebooted the TV except when the image came up, it […]

Continue Reading...

Posted in Application Security, Internet of Things | Comments Off on Yes, Virginia, smart televisions can get ransomware

 

Lessons learned from this year’s biggest security breaches

As this year draws to a close, we can look back on 2016 and see what challenges the security industry has had to overcome. Jumping on this bandwagon a bit early, I hope to draw attention to some of the more difficult challenges our industry will face in the coming year. In order to do […]

Continue Reading...

Posted in Data Breach, Internet of Things, Red Teaming, Software Security Testing | Comments Off on Lessons learned from this year’s biggest security breaches

 

Mirai botnet targets Deutsche Telekom routers, causing outages

Over the weekend, around 1 million Deutsche Telekom customers experienced interruptions in their Internet services, a denial of service that has now been traced to the Mirai botnet. Mirai leverages flaws in Internet of Things devices to create a compromised network or botnet. The source code for Mirai botnet went public in early October, allowing […]

Continue Reading...

Posted in Data Breach, Internet of Things | Comments Off on Mirai botnet targets Deutsche Telekom routers, causing outages