background preloader

Security - Botnet - DDoS attack -

Facebook Twitter

New IoT Botnet Targets IP Cameras - Infosecurity Magazine. Researchers from Trend Micro have detected a new Internet of Things (IoT) botnet called ‘Persirai’ targeting 1000 internet protocol (IP) cameras.

New IoT Botnet Targets IP Cameras - Infosecurity Magazine

In a blog post on its website the vendor claimed it had detected 120,000 IP cameras that are vulnerable to ELF_PERSIRAI.A via Shodan. Many of these vulnerable users are unaware that their IP Cameras are exposed to the internet, which makes it significantly easier for the perpetrators behind the malware to gain access to the IP Camera web interface via TCP Port 81, Trend Micro added. “IP Cameras typically use Universal Plug and Play (UPnP), which are network protocols that allow devices to open a port on the router and act like a server, making them highly visible targets for IoT malware,” the post reads. “After logging into the vulnerable interface, the attacker can perform a command injection to force the IP Camera to connect to a download site via commands.”

Half-baked security: Hackers can hijack your smart Aga oven 'with a text message' New malware intentionally bricks IoT devices. IoT has. Promising future in terms of hacking. Screen-reader users, click here to turn off Google Instant.

IoT has. Promising future in terms of hacking

MoreEven more from Google Sign in All News Videos Images Shopping Tools Any country Any time All results 5 results Ads Search Results. Hacker sets off all 156 emergency sirens in Dallas. HIPAA data risk in IoTs among 10 security risks with Wearables. CSOonline reported that most IoT (Internet of Things) wearable companies that collection personal data “don’t carefully anonymize health-related data have effectively acquired what’s known as electronic Protected Health Information (ePHI), ‘which puts you squarely in the HIPAA world.’”

HIPAA data risk in IoTs among 10 security risks with Wearables

The March 29, 2017 report entitled “10 security risks of wearables” included these 10 security risks, many of which include HIPAA concerns: 1. Wearable security is a legitimate concern2. IoTSF Establishing Principles for IoT Security Download. Bruce Schneier on New Security Threats from the Internet of Things. Ransomware warning for phones, watches and TVs. Digital attacks are happening on "a scale and boldness not seen before", the National Cyber Security Centre (NCSC) and National Crime Agency (NCA) have warned.

Ransomware warning for phones, watches and TVs

In their first joint report, the NCSC and NCA also say that ransomware - software that makes a device unusable until a ransom is paid to the attacker - will target connected personal devices like phones, watches and TVs. The report, which discusses the cyber threat to UK business, points to attacks on the Bangladesh Bank, Democratic National Party and Ukrainian power grid as examples of the increasing audacity of hackers. That daring is being matched by the scale of attacks. The report says 2016 saw the largest DDOS attack in history when websites including Twitter, Netflix and Spotify were knocked out of service after internet traffic management provider Dyn Inc was targeted with junk data traffic. :: Your everyday devices at risk of cyber attacks Ransomware that targets mobile phones and smart TVs is singled out by the report. Smart Devices, Slow Security: the Future of IoT Tickets, Thu, Dec 1, 2016 at 6:00 PM.

Our Mission: WISP is a fiscally sponsored project of Community Initiatives that promotes the development, advancement, and inclusion of women in security and privacy.

Smart Devices, Slow Security: the Future of IoT Tickets, Thu, Dec 1, 2016 at 6:00 PM

Currently, we are serving Bay Area women, and we have plans to expand nationally over the next few years. Our Objectives: Education: Help women identify and achieve the level of education and skills required to succeed in security and privacy positions across multiple industries.Mentoring & Networking: Foster a community for knowledge-sharing, collaboration, mentorship, and networking.Advancement: Support the career advancement of women in security and privacy.Leadership: Increase thought leadership by women in security and privacy.Research: Conduct independent research related to recruitment, retention, and advancement of women in security and privacy. IOT AND BLOCKCHAIN: A POSSIBLE IMPROVEMENT IN CYBERSECURITY? The Internet of Things' Dangerous Future: Bruce Schneier.

Last year, on October 21, your digital video recorder — or at least a DVR like yours — knocked Twitter off the internet.

The Internet of Things' Dangerous Future: Bruce Schneier

Someone used your DVR, along with millions of insecure webcams, routers, and other connected devices, to launch an attack that started a chain reaction, resulting in Twitter, Reddit, Netflix, and many sites going off the internet. Securing Internet of Things (IoT) devices. Today, I spent some time researching IoT security.

Securing Internet of Things (IoT) devices

At the end of this post, I’ve listed companies – all of which are new to me – which offer IoT security solutions. Feel free to share your solutions, feedback and tips for securing IoT devices. For my home office, everything sits behind an OpenWRT Wi-Fi router which allows for custom firewall config. Researchers discover over 170 million exposed IoT devices in major US cities.

Researchers have discovered more than 178 million Internet of Things (IoT) devices visible to attackers in the ten largest US cities.

Researchers discover over 170 million exposed IoT devices in major US cities

On Wednesday, researchers Numaan Huq and Stephen Hilt from Trend Micro revealed at the RSA conference in San Francisco, California, that many IoT devices are lacking basic security and are visible using services such as the Shodan search engine, which is used to discover devices which are accessible from the Internet. 10 steps. Medical Devices Are the Next Security Nightmare.

Hidden backdoor discovered in Chinese IoT devices – BetaNews. Researchers at Trustwave have uncovered a backdoor in IoT devices from a Chinese manufacturer that could leave them open to exploitation.

Hidden backdoor discovered in Chinese IoT devices – BetaNews

The backdoor is present in almost all devices produced by VoIP specialist DBLTek, and appears to have been purposely built in for use by the vendor. It uses a simple challenge and response mechanism to allow remote access. However, Trustwave’s investigation has shown this scheme to be fundamentally flawed in that it is not necessary for a remote user to possess knowledge of any secret or password, besides the challenge itself and knowledge of the protocol/computation used. Fighting cybercrime using IoT and AI-based automation. Last November, detectives investigating a murder case in Bentonville, Arkansas, accessed utility data from a smart meter to determine that 140 gallons of water had been used at the victim’s home between 1 a.m. and 3 a.m.

Fighting cybercrime using IoT and AI-based automation

It was more water than had been used at the home before, and it was used at a suspicious time—evidence that the patio area had been sprayed down to conceal the murder scene. As technology advances, we have more detailed data and analytics at our fingertips than ever before. It can potentially offer new insights for crime investigators. One area crying out for more insight is cybersecurity. By 2020, 60 percent of digital businesses will suffer a major service failure due to the inability of IT security teams to manage digital risk, according to Gartner.

Dyn DDoS Attack

Botnets: The Dangerous Side Effects Of The Internet Of Things. Hacking the Internet of Things: Locks and Thermostats. The problem with smart homes and the Internet of Things, summed up in two tweets about an iKettle — Quartz. Hundreds of retired soldiers from the People’s Liberation Army gathered outside China’s defense ministry in Beijing yesterday to protest spending cuts and demand veterans’ benefits. The rare protest highlighted the difficult task Beijing faces in cutting spending while keeping citizens fully employed. While it went on late into the evening, according to reports in the Associated Press and Wall Street Journal (paywall), there was no mention of the rally in China’s state newspapers today.

And on Chinese social media, search results on terms like “military cuts” and “protests” and “the ministry” were heavily censored. The Wall Street Journal described the protestors as being “mostly middle-aged men” in green fatigues. Why securing IoT is a national-security imperative. Like any other weekday, last Friday I grabbed a cup of coffee and activated my computer to see the latest world news cascade down my Twitter feed. But unlike an average day, Twitter was down. Mild discomfort settled in. Guidelines for secure IoT device development released. The biggest obstacle to deploying Internet of Things, or IoT, is security. Abusing the devices for data theft, DDoS attacks or simply to have them malfunction is an enormous challenge for organisations, as they look to reap the benefits of the new technology. To assist them in that endeavour, Cloud Security Alliance (CSA) has released a new and detailed guide on how to incorporate basic security measures into IoT devices.

The report, entitled titled Future-proofing the Connected World: 13 Steps to Developing Secure IoT Products, is aimed at designers and developers of IoT products. University-attacked-by-its-own-vending-machines-smart-light-bulbs-and-5-000-iot-devices.amp. Data protection self assessment toolkit. China's Rise in Artificial Intelligence - The Atlantic.