IoT security Archives - Page 3 of 5 - Cyber Security Minute

BadAlloc Flaw Impacts Many Systems Running BlackBerry’s QNX Embedded OS

Issued by: Security Week

Publicly disclosed in April, BadAlloc is a collection of 25 vulnerabilities impacting many Internet of Things (IoT) and operational technology (OT) devices. The flaws can allow malicious attackers to gain control of highly sensitive systems. The issue affects C standard library (libc) implementations, real-time operating systems (RTOS), and embedded software development kits (SDKs), and could…

Vulnerabilities

Devices From Many Vendors Can Be Hacked Remotely Due to Flaws in Realtek SDK

Issued by: Security Week

Firmware security company IoT Inspector said its researchers have identified more than a dozen vulnerabilities in SDKs provided by Realtek to companies that use its RTL8xxx chips. The security flaws can be exploited to cause a denial of service (DoS) condition and for command injection, and some of them can be leveraged by remote attackers…

Network Security

Life in Lockdown: Offices Are Empty of People, Full of Risky IoT Devices

Issued by: Security Week

A study of more than 500 million IoT device transactions in little over two weeks between December 15 and December 31, 2020 discovered a 700% increase in IoT malware over a previous study of pre-lockdown 2019. The study (PDF), conducted by Zscaler ThreatLabz, found Gafgyt and Mirai accounted for 97% of the IoT malware that…

Network Security

IoT/OT Device Security Firm NanoLock Raises $11 Million

Issued by: Security Week

The funding, which brings the total raised by the firm to $21 million, came from OurCrowd, HIVE2040 (by Avnon Group), Atlantica Group, and AWZ Ventures. The money will be used by the company to expand and improve its solutions. NanoLock Security has also announced expanding its executive team and the acquisition of two new patents….

Vulnerabilities

Old Vulnerability Exploited to Hack, Wipe WD Storage Devices

Issued by: Security Week

Victims said a factory reset had been initiated on their device, which resulted in all files being erased. Some users reported losing very important data. WD NAS device vulnerability exploitedOne post on the WD Community forum received more than 160 replies and it has been viewed nearly 15,000 times in just over 24 hours. A…

Network Security

Poison in the Water: The Physical Repercussions of IoT Security Threats

Issued by: Security Intelligence

d wager few people had ever heard of Oldsmar, Florida, prior to 2021. That all changed in February when the city made headlines. The reason? An Internet of things (IoT) security incident moved into the physical world. A Tale of Lifted Lye Levels At 8 a.m. local time on February 5, 2021, an operator at…

Network Security

FragAttacks: New Vulnerabilities Expose All Devices With Wi-Fi to Attacks

Issued by: Security Week

he vulnerabilities, dubbed FragAttacks (fragmentation and aggregation attacks), were discovered by researcher Mathy Vanhoef, who was also involved in the discovery of the Key Reinstallation Attack (KRACK) vulnerabilities back in 2017. FragAttacks can be leveraged by an attacker who is within range of the targeted Wi-Fi connection to hack devices and steal sensitive user information….

Vulnerabilities

The Rise of Industrial IoT and How to Mitigate Risk

Issued by: Security Week

With the acceleration of digital transformation and convergence of IT and operational technology (OT) networks, Internet of Things (IoT) and Industrial IoT (IIoT) devices are becoming essential tools for companies in sectors including oil and gas, energy, utilities, manufacturing, pharmaceuticals, and food and beverage. Whether optimizing individual processes or entire factories and other critical infrastructure…

Network Security

Healthcare IoT Security Firm Cylera Closes $10 Million Series A Round

Issued by: Security Week

Founded in 2017 and headquartered in New York City, Cylera seeks to protect both healthcare organizations and patients, providing a security and analytics platform that aims to deliver asset management, risk analysis, and threat detection for IoT, ICS, and IoMT (Internet of Medical Things). Cylera seeks to secure the entire connected environment, providing insights and…

Network Security

Routers, NAS Devices, TVs Hacked at Pwn2Own Tokyo 2020

Issued by: Security Week

Due to the COVID-19 pandemic, the competition has been turned into a virtual event and Pwn2Own Tokyo is actually coordinated by Trend Micro’s ZDI from Toronto, Canada, with participants demonstrating their exploits remotely. Organizers have offered significant prizes for exploits targeting a wide range of mobile and IoT devices, but participants have only focused on…