Other News

IEEE Proposes Standards For Safe, Connected Health Products

May 21, 2015 13:000 comments
The IEEE and NSF have published what they're calling a "building code" for connected health devices.

In-brief: a new publication by IEEE lays out a “building code” for medical device makers to help address security and privacy issues in products.  Like this:Like Loading…

Read more ›

The Unbalanced Negative Externalities of Cybersecurity

10:130 comments
The Internet could benefit from a public health model for combatting threats - even moreso with the Internet of Things, says Symantec CTO Amit Mital.

In-Brief: Software and the critical systems it powers are now central to our modern lives. But that very software is under growing threat and require new approaches to address those threats, says Symantec CTO Amit Mital. Successes in the arena of public health may be a guide. Like this:Like Loading…

Read more ›

NetUSB, IoT and Supply Chain Risk

May 20, 2015 12:290 comments
NetUSB, a common software component for many embedded devices was found to have a serious, exploitable vulnerability. What other problems lurk in the global supply chain?

If you want an object lesson in the dangers that await us on the Internet of Things, check out SEC Consult’s write up on NetUSB, a widely used technology developed by an obscure Taiwanese company that just happens to contain a nasty, remotely exploitable vulnerability. According to this alert, published on Tuesday, NetUSB “suffers from a remotely exploitable kernel stack buffer overflow” that could be used to run malicious code on affected devices. Even worse: the NetUSB component is ubiquitous – found in a long list of devices, from low-end wireless access points and broadband routers for small office and home office deployments to what SEC Consult called “high end devices…released very recently.” Networking devices from 26 vendors, including TP-Link, NetGear and others were found to use the NetUSB technology in their products. The vulnerability discovered by SEC Consult is straight-forward enough. According to their advisory, the NetUSB code does an inadequate […]

Read more ›

Everything Tastes Better with Bluetooth: Understanding IoT Risk

May 19, 2015 11:160 comments
Companies looking to reign in the threat posed by the Internet of Things need to take the "cool" factor seriously.

In-brief: Marc Blackmer of Cisco says that, with so much promise, it can be hard to anticipate how individual or company-wide decisions to embrace the IoT might bear on cyber risk.  Like this:Like Loading…

Read more ›

Get The Weekly Ledger

The week's security news from The Security Ledger in one e-mail.
* = required field

Security Ledger Video

Paul talks with Sean Lorenz of Xively about the latest CES.

Paul chats with Pete Chestna and Ryan O'Boyle of Veracode about integrating secure development into agile development environments.

Founder and Editor in Chief

Paul F. Roberts

Paul F. Roberts

I'm the founder and Editor in Chief of The Security Ledger (securityledger.com), an independent security news and analysis publication that explores the intersection of cyber security with the Internet of Things.

View Full Profile →

%d bloggers like this: