The IoT: Still feature rich, security poor
How to prevent IoT hacks: Secure your software before you release it. It’s not that hard. So why aren’t more IoT device manufacturers doing it?
Posted in Featured, Internet of Things
GAO report confirms major gaps in government cybersecurity
The September GAO cybersecurity report stated that there are about 1,000 outstanding recommendations for automotive, military, and IoT security, among others.
Posted in Automotive Security, Government Security, Internet of Things
Better passwords in California won’t help much
California is all done with weak passwords. Well, not right now, but it says it will be done with them for internet-connected devices in another 14 months—starting Jan. 1, 2020. From then on, the Information Privacy: Connected Devices bill, signed earlier this month by Gov. Jerry Brown, will require each such device to have a […]
Posted in Internet of Things, Legal, Security Standards and Compliance
Make your home both smart and secure | NCSAM at Synopsys
The original version of this article was published in Forbes. “Smart but insecure” sounds like you’re talking about a high achiever who needs therapy. Which you could be. But in the online world, it applies to semi-animate objects—the hundreds of millions of devices in American homes that are, at one level, smart. They range from […]
Posted in Internet of Things
The IoT within us: Network-connected medical devices
The Internet of Things is all around us. But it doesn’t stop there—now it’s inside us too. As the era of “connected everything” explodes, so does the use of network-connected medical devices. These interconnected devices, ranging from hospital imaging equipment to implantable pacemakers to infusion pumps, help healthcare providers and patients in a variety of […]
Posted in Healthcare Security, Infographic, Internet of Things, Medical Device Security
Third-party security, Russian grid meddling, and patch Apache!
Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup. What’s in this week’s Security Mashup, you ask? Third-party security party poopers, more Russian meddling in the grid, and patch Apache. Watch this episode below: , Robotics supplier’s sloppy security leaks 10 years’ […]
Posted in Internet of Things, Open Source Security, Weekly Security Mashup
Ukraine dodges attack, but VPNFilter threat remains
Ukraine had been warned. So it was prepared. And the result, according to the government’s intelligence branch, the Security Service of Ukraine (SBU), is that it was able to detect and thwart a cyber attack that used the now notorious VPNFilter malware against the Auly Chlorine Distillation Station, which supplies chlorine to 23 provinces of […]
Posted in Critical Infrastructure Security, Internet of Things
Vulnerable routers are still out there—and hackers are noticing
Vulnerable routers aren’t news Long ago and far away—in 2014, which is indeed long ago and far away in our cutting-edge world of information technology—security gurus like Dan Geer, Jim Gettys, and Bruce Schneier were issuing urgent warnings about the catastrophic insecurity of routers—those devices in our homes that give us access to the World […]
Posted in Internet of Things, Static Analysis (SAST)
Traffic systems at risk of cyber attack, Cortana and Alexa news, PyRoMineIoT cryptojacker
The cyber security and open source security news that made headlines this week: Traffic systems at risk of cyber attack, Cortana and Alexa news, and the PyRoMineIoT cryptojacker.
Posted in Internet of Things, Open Source Security
Is IoT a tool for Big Brother via DMCA?
What if it turns out that Big Brother is much more diverse, and a bit more subtle, than a monolithic figure at the head of an intrusive, tyrannical government? What if a component of an all-seeing, all-knowing dystopian overlord is our business sector—the companies that sell us our electronics, appliances, machines, cars, tools, and just […]
Posted in Internet of Things, Webinars