Author: Ionut Ilascu

Tenable's survey of information security pros found concerns that advancements like application containerization and DevOps are complicating the jobs of information security pros, and reducing effectiveness. (Image courtesy of Tenable Network Security.)

Report: DevOps, Containerization, challenge Security Pros

In-brief: Despite the benefits of the DevOps paradigm and application virtualization in software products’ lifecycle, security professionals believe that in combination with cloud computing the two methods increase the complexity of the corporate network, making it more difficult to defend, the cyber security assurance report from Tenable Network Security outlines.

A denial of service attack on the managed DNS firm DYN was due, in part, to attacks from Internet of Things devices running the Mirai malware.

Another Supply Chain Mystery: IP Cameras Ship With Malicious Software

In-brief: The discovery of a malicious link buried in software for a common IP camera sold on Amazon and other online retail outlets is just the latest example of supply chain based threats to connected products.  

Research Raises More Alarms on Connected Home Products

Research Raises More Alarms on Connected Home Products

In-brief: A new study by BitDefender suggests that security lapses dampen the appeal of smart home appliances and could (literally) open the door to burglars.

VNC Roulette Feasts On Insecure Industrial Control Systems

VNC Roulette Feasts On Insecure Industrial Control Systems

In-brief: VNC Roulette is just the latest warning shot across the bows of industrial firms and the public sector: parading screen shots of remotely accessible but insecure SCADA systems for all to see. 

Wind turbines made by the firm XZERES are vulnerable to web-based cross site scripting attacks, the Department of Homeland Security has warned. This isn't the first time the company's products have been cited.

CERT Warns Wind Turbines Open to Compromise

In-brief: Wind turbines made by the UK firm XZERES Wind are susceptible to common, web-based attacks including cross site scripting, according to a warning published by the Industrial Control System CERT (ICS-CERT).