Software Integrity Blog

Archive for the 'Internet of Things' Category

 

Better passwords in California won’t help much

California is all done with weak passwords. Well, not right now, but it says it will be done with them for internet-connected devices in another 14 months—starting Jan. 1, 2020. From then on, the Information Privacy: Connected Devices bill, signed earlier this month by Gov. Jerry Brown, will require each such device to have a […]

Continue Reading...

Posted in Internet of Things, Legal, Security Standards and Compliance

 

Make your home both smart and secure | NCSAM at Synopsys

The original version of this article was published in Forbes. “Smart but insecure” sounds like you’re talking about a high achiever who needs therapy. Which you could be. But in the online world, it applies to semi-animate objects—the hundreds of millions of devices in American homes that are, at one level, smart. They range from […]

Continue Reading...

Posted in Internet of Things

 

The IoT within us: Network-connected medical devices

The Internet of Things is all around us. But it doesn’t stop there—now it’s inside us too. As the era of “connected everything” explodes, so does the use of network-connected medical devices. These interconnected devices, ranging from hospital imaging equipment to implantable pacemakers to infusion pumps, help healthcare providers and patients in a variety of […]

Continue Reading...

Posted in Healthcare Security, Infographic, Internet of Things, Medical Device Security

 

Third-party security, Russian grid meddling, and patch Apache!

Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup. What’s in this week’s Security Mashup, you ask? Third-party security party poopers, more Russian meddling in the grid, and patch Apache. Watch this episode below: , Robotics supplier’s sloppy security leaks 10 years’ […]

Continue Reading...

Posted in Internet of Things, Open Source Security, Weekly Security Mashup

 

Ukraine dodges attack, but VPNFilter threat remains

Ukraine had been warned. So it was prepared. And the result, according to the government’s intelligence branch, the Security Service of Ukraine (SBU), is that it was able to detect and thwart a cyber attack that used the now notorious VPNFilter malware against the Auly Chlorine Distillation Station, which supplies chlorine to 23 provinces of […]

Continue Reading...

Posted in Critical Infrastructure Security, Internet of Things

 

Vulnerable routers are still out there—and hackers are noticing

Vulnerable routers aren’t news Long ago and far away—in 2014, which is indeed long ago and far away in our cutting-edge world of information technology—security gurus like Dan Geer, Jim Gettys, and Bruce Schneier were issuing urgent warnings about the catastrophic insecurity of routers—those devices in our homes that give us access to the World […]

Continue Reading...

Posted in Internet of Things, Static Analysis (SAST)

 

Traffic systems at risk of cyber attack, Cortana and Alexa news, PyRoMineIoT cryptojacker

The cyber security and open source security news that made headlines this week: Traffic systems at risk of cyber attack, Cortana and Alexa news, and the PyRoMineIoT cryptojacker.

Continue Reading...

Posted in Internet of Things, Open Source Security

 

Is IoT a tool for Big Brother via DMCA?

What if it turns out that Big Brother is much more diverse, and a bit more subtle, than a monolithic figure at the head of an intrusive, tyrannical government? What if a component of an all-seeing, all-knowing dystopian overlord is our business sector—the companies that sell us our electronics, appliances, machines, cars, tools, and just […]

Continue Reading...

Posted in Internet of Things, Webinars

 

The IoT: Too big (and buggy) to patch?

The Internet of Things (IoT) will never be too big to fail, although it is hard to conceive of the entire thing failing at once, unless every power grid on the planet goes down simultaneously. But it is in danger of increasing incremental failure because it is too big to patch, according to author, encryption […]

Continue Reading...

Posted in Internet of Things

 

Digital license plates, GDPR risks and hackers, security bugs in AI robots

Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup episode. What’s in this week’s Security Mashup episode, you ask? California puts a lot on your plate, the law of unintended consequences as it related to GDPR risks, and porous pepper. Watch the entire […]

Continue Reading...

Posted in Internet of Things, Weekly Security Mashup