Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Tracked as CVE-2022-31460, the Meeting Owl Pro and Whiteboard Owl vulnerability allows an attacker to turn a vulnerable device into a rogue access point. [Read More]
Security researchers warn of two vulnerabilities in U-Boot that could be exploited from the local network to write arbitrary data or cause a denial-of-service condition. [Read More]
Ordr raises $40 million in a Series C funding round co-led by Battery Ventures and Ten Eleven Ventures. [Read More]
Forescout has published a proof of concept for a ‘ransomware’ attack that uses IoT for access, IT for traversal, and OT (especially PLCs) for detonation. It is called R4IoT and is described as the next generation of ransomware. [Read More]
Several critical and high-severity vulnerabilities have been found in the Open Automation Software Platform, used for connectivity between ICS, databases and apps. [Read More]
Over $1.15 million was awarded at Pwn2Own Vancouver 2022 for exploits targeting Tesla Model 3, Windows 11, Ubuntu, Microsoft Teams, Safari, Firefox and Oracle VirtualBox. [Read More]
Researchers looked at what a hacker with physical access can do with Konica Minolta printers — the answer: a lot. [Read More]
Join SecurityWeek and Microsoft for at live webinar to learn about live zero trust enablement through monitoring and automation of IoT/OT environments. [Read More]
Tracked as CVE-2022-27588, the vulnerability could allow a remote attacker to run arbitrary commands. [Read More]
The U.S. government is barreling ahead with plans to mitigate future threats from quantum computing with a new White House memo directing federal agencies to jumpstart an all-hands-on-deck approach to migrating to quantum-resistant technologies. [Read More]

FEATURES, INSIGHTS // IoT Security

rss icon

Gunter Ollmann's picture
In a world of over-hyped bugs, stunt hacking, and branded vulnerability disclosures, my advice to CISOs is to make security lemonade by finding practical next steps to take.
Seema Haji's picture
An insider breach targeting OT and IoT systems has the potential to shut down electrical grids, contaminate water supplies and otherwise destroy a nation’s infrastructure.
Seema Haji's picture
Technologies like artificial intelligence (AI), augmented reality (AR) and machine learning (ML) once seemed stranger than fiction, but are now playing a growing role in industrial environments.
Seema Haji's picture
The risk created by the proliferation of industrial IoT (IIoT) is rising, thanks to the continued mismanagement of third-party involvement in sensitive industrial environments.
Seema Haji's picture
Smart IoT devices in industrial settings, such as energy, oil/gas and manufacturing, have shifted the perspective on OT environments from being reactive to proactive and predict failures.
Seema Haji's picture
New technology like IoMT in any space is always a double-edged sword. But the onus is not on manufacturers alone. It’s up to healthcare organizations to take the initiative to manage and secure their environments.
Seema Haji's picture
With the new year underway, it’s time for CISOs to see their security resolutions through from the factory floor, SOCs and across the entire enterprise.
Laurence Pitt's picture
Speech recognition systems make mistakes that could give cybercriminals access to a user’s home network. By activating a squatted skill, an unexpecting user could allow a malicious actor to extract information about their account, home network and even passwords before running the requested command.
Marc Solomon's picture
The ability to aggregate, score and prioritize data and alerts within the context of your environment can allow you to take the right actions faster to mitigate IoT risk.
Dean Weber's picture
IoT security is a tough challenge — involving everything from hard to implement standards; hard to reach industrial components; and choices on how to integrate security around both older “brownfield” and newer IoT systems and equipment.