Software Integrity Blog

Archive for the 'Internet of Things' Category

 

Ukraine dodges attack, but VPNFilter threat remains

Ukraine had been warned. So it was prepared.

Continue Reading...

Posted in General, Internet of Things | Comments Off on Ukraine dodges attack, but VPNFilter threat remains

 

Vulnerable routers are still out there—and hackers are noticing

Vulnerable routers aren’t news Long ago and far away—in 2014, which is indeed long ago and far away in our cutting-edge world of information technology—security gurus like Dan Geer, Jim Gettys, and Bruce Schneier were issuing urgent warnings about the catastrophic insecurity of routers—those devices in our homes that give us access to the World Wide Web.

Continue Reading...

Posted in Internet of Things, Static Analysis (SAST) | Comments Off on Vulnerable routers are still out there—and hackers are noticing

 

Is IoT a tool for Big Brother via DMCA?

What if it turns out that Big Brother is much more diverse, and a bit more subtle, than a monolithic figure at the head of an intrusive, tyrannical government?

Continue Reading...

Posted in General, Internet of Things | Comments Off on Is IoT a tool for Big Brother via DMCA?

 

The IoT: Too big (and buggy) to patch?

The Internet of Things isn’t too big to fail, but is it too big to patch? IoT security experts talk about why and how to upgrade IoT device firmware.

Continue Reading...

Posted in Internet of Things | Comments Off on The IoT: Too big (and buggy) to patch?

 

Digital license plates, GDPR risks and hackers, security bugs in AI robots

Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup episode. What’s in this week’s Security Mashup episode, you ask? California puts a lot on your plate, the law of unintended consequences as it related to GDPR risks, and porous pepper. Watch the entire episode below:

Continue Reading...

Posted in General, Internet of Things | Comments Off on Digital license plates, GDPR risks and hackers, security bugs in AI robots

 

VPNFilter, BMW connected car vulnerability, and Nest IoT devices go offline

Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup episode. What’s in this week’s episode, you ask? Russia vs. Ukraine, Beemer as the ultimate hackable machine, and Nest “smart home” devices.

Continue Reading...

Posted in Automotive Security, General, Internet of Things, Software Architecture and Design | Comments Off on VPNFilter, BMW connected car vulnerability, and Nest IoT devices go offline

 

U.K. threatens to force IoT security by design

Securing the Internet of Things (IoT) seems like an endless reality version of “Mission Impossible”—really impossible. Many have tried—with lists of best practices and standards, exhortations, and warnings—but none has succeeded.

Continue Reading...

Posted in Internet of Things, Security Standards and Compliance | Comments Off on U.K. threatens to force IoT security by design

 

Still just recommendations, not regulation, for IoT security

Recommendations are a fine first step, but without real IoT security regulation, securing the Internet of Things (IoT) makes herding cats look like a breeze.

Continue Reading...

Posted in Internet of Things, Security Standards and Compliance | Comments Off on Still just recommendations, not regulation, for IoT security

 

In an IoT-filled world, it’s time to be alert in the wake of ‘Hide ‘N Seek”

A relatively new Internet of Things (IoT) botnet took its time going viral – it even disappeared for 10 days – but once it got back in gear, it spread worldwide in a matter of days.

Continue Reading...

Posted in Data Breach, Internet of Things, Software Architecture and Design | Comments Off on In an IoT-filled world, it’s time to be alert in the wake of ‘Hide ‘N Seek”

 

Privacy still an uphill climb on Data Privacy Day

It’s been called Data Privacy Day since it was launched in 2008 to commemorate the signing of Convention 108—the first legally binding international treaty dealing with privacy and data protection—on Jan. 28, 1981.

Continue Reading...

Posted in General, Internet of Things | Comments Off on Privacy still an uphill climb on Data Privacy Day