Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
Tracked as CVE-2022-31460, the Meeting Owl Pro and Whiteboard Owl vulnerability allows an attacker to turn a vulnerable device into a rogue access point. [Read More]
Security researchers warn of two vulnerabilities in U-Boot that could be exploited from the local network to write arbitrary data or cause a denial-of-service condition. [Read More]
Ordr raises $40 million in a Series C funding round co-led by Battery Ventures and Ten Eleven Ventures. [Read More]
Forescout has published a proof of concept for a ‘ransomware’ attack that uses IoT for access, IT for traversal, and OT (especially PLCs) for detonation. It is called R4IoT and is described as the next generation of ransomware. [Read More]
Several critical and high-severity vulnerabilities have been found in the Open Automation Software Platform, used for connectivity between ICS, databases and apps. [Read More]
Over $1.15 million was awarded at Pwn2Own Vancouver 2022 for exploits targeting Tesla Model 3, Windows 11, Ubuntu, Microsoft Teams, Safari, Firefox and Oracle VirtualBox. [Read More]
Researchers looked at what a hacker with physical access can do with Konica Minolta printers — the answer: a lot. [Read More]
Join SecurityWeek and Microsoft for at live webinar to learn about live zero trust enablement through monitoring and automation of IoT/OT environments. [Read More]
Tracked as CVE-2022-27588, the vulnerability could allow a remote attacker to run arbitrary commands. [Read More]
The U.S. government is barreling ahead with plans to mitigate future threats from quantum computing with a new White House memo directing federal agencies to jumpstart an all-hands-on-deck approach to migrating to quantum-resistant technologies. [Read More]
FEATURES, INSIGHTS // IoT Security
In a world of over-hyped bugs, stunt hacking, and branded vulnerability disclosures, my advice to CISOs is to make security lemonade by finding practical next steps to take.
An insider breach targeting OT and IoT systems has the potential to shut down electrical grids, contaminate water supplies and otherwise destroy a nation’s infrastructure.
Technologies like artificial intelligence (AI), augmented reality (AR) and machine learning (ML) once seemed stranger than fiction, but are now playing a growing role in industrial environments.
The risk created by the proliferation of industrial IoT (IIoT) is rising, thanks to the continued mismanagement of third-party involvement in sensitive industrial environments.
Smart IoT devices in industrial settings, such as energy, oil/gas and manufacturing, have shifted the perspective on OT environments from being reactive to proactive and predict failures.
New technology like IoMT in any space is always a double-edged sword. But the onus is not on manufacturers alone. It’s up to healthcare organizations to take the initiative to manage and secure their environments.
With the new year underway, it’s time for CISOs to see their security resolutions through from the factory floor, SOCs and across the entire enterprise.
Speech recognition systems make mistakes that could give cybercriminals access to a user’s home network. By activating a squatted skill, an unexpecting user could allow a malicious actor to extract information about their account, home network and even passwords before running the requested command.
The ability to aggregate, score and prioritize data and alerts within the context of your environment can allow you to take the right actions faster to mitigate IoT risk.
IoT security is a tough challenge — involving everything from hard to implement standards; hard to reach industrial components; and choices on how to integrate security around both older “brownfield” and newer IoT systems and equipment.
Get the Daily Briefing
- Shangri-La hotels Customer Database Hacked
- Hack Puts Latin American Security Agencies on Edge
- Canon Medical Product Vulnerabilities Expose Patient Information
- What's Going on With Cybersecurity VC Investments?
- CISA Issues Guidance on Transitioning to TLP 2.0
- DoD Announces Final Results of 'Hack US' Bug Bounty Program
- Microsoft Confirms Exploitation of Two Exchange Server Zero-Days
- Chinese Cyberespionage Group 'Witchetty' Updates Toolset in Recent Attacks
- Cisco Patches High-Severity Vulnerabilities in Networking Software
- Microsoft Exchange Attacks: Zero-Day or New ProxyShell Exploit?
Copyright © 2022 Wired Business Media. All Rights Reserved. Privacy Policy