In-brief: Security firms Trustwave and IOActive both announced services promising to help aspiring IoT product firms secure their products, more evidence that the Internet of Things is producing secondary markets.
supply chain
Unpatched Vulnerabilities Common on Docker Hub Images
In-brief: A survey out from the firm Banyan finds that official and general repositories on Docker Hub are rife with serious and exploitable software vulnerabilities, including Heartbleed, Shellshock and Poodle.
Update: RSA Warns of Supply Chain Attack on Point of Sale Vendors
In-brief: RSA said it detected evidence of a malicious software campaign that targeted employees at point of sale vendors – a possible effort to compromise the PoS supply chain.
Verizon: Internet of Things Hacks Pose Little Risk – For Now
In-brief: Verizon said in its latest Data Breach Investigations Report that threats from Internet of Things technologies were more theory than practice in 2014, but that 2015 could see IoT devices play a role in breaches.
Supply Chain Hackers Use Short List of Techniques | Trend Micro
In-brief: Trend Micro notes that supply chain attacks are on the rise, with attackers relying on a short list of techniques including compromises of source code, firmware and so-called “watering hole” attacks.
