A relatively new Internet of Things (IoT) botnet took its time going viral – it even disappeared for 10 days – but once it got back in gear, it spread worldwide in a matter of days.
A grab bag of open source security and cyber security news is in this week’s edition of Open Source Insight. Is “many eyeballs” not enough? Some security researchers think Linus’ Law doesn’t work anymore. Black Duck by Synopsys kicks off a new video series with MITRE IoT expert Bob Martin covering IoT security. Learn how open source tech due diligence helped one company close a deal securely. Should Privacy Day be renamed to Lack of Privacy Day? Plus, an eye-catching infographic on how too little software security training is putting many companies at risk.
It’s been called Data Privacy Day since it was launched in 2008 to commemorate the signing of Convention 108—the first legally binding international treaty dealing with privacy and data protection—on Jan. 28, 1981.
If you haven’t figured it out, at Black Duck by Synopsys we are quackers about security (I can’t resist a good duck pun!). In fact, it’s one of our favorite subjects — so much that we are launching this new video series.
Cybercriminals are expected to extend their threat deeper into ransomware and IoT. In a just-released report, Synopsys examines the four “tribes” of CISOs, and the characteristics of each. A link to the complimentary report is below. And with the GDPR going into force in just four months, businesses are scrambling for compliance.
As of Sept. 12, 2017, much of the code vulnerable to BlueBorne Bluetooth attacks remains unpatched. Learn what you can do to secure your code.
Originally posted on SecurityWeek.
New legislation proposed this month in the U.S. Congress seeks to mitigate the risk of botnets commandeering Internet of Things (IoT) devices used in the U.S. government. The Internet of Things Cybersecurity Improvement Act of 2017 is a proposal from Sens. Mark R. Warner (D-Va.) and Cory Gardner (R-Colo.), co-chairs of the Senate Cybersecurity Caucus, along with Sens. Ron Wyden (D-Wash.) and Steve Daines (R-Mont.). It aims to mitigate risks and increase security in IoT products. The bill is limited to U.S. government-purchased devices. Since the U.S. government is such a large consumer, it is reasonable to assume that these improvements will eventually find their way into commercial products as well.
Another week of InfoSec in the desert is history. Black Hat USA started as the Black Hat Briefings in 1997, and has remained mostly corporate. It grew out of the hacker-friendly environment of DEF CON, which started as a going-away party for a friend of the founder, Jeff Moss, in 1993. Together, the two conferences represent the largest annual gathering of InfoSec experts in the world.
You’ve probably come across article headlines about parents facing the headache-inducing consequences of their children placing orders online. We’ve reached the day when it has become so easy to shop online that toddlers can (and do) place successful internet orders.