In-brief:Cyber criminal groups are racing to gain control over a population of insecure “Internet of Things” devices, with new malware families targeting embedded devices appearing at a steady rate and a noticeable uptick in so-called “brute force” password guessing attacks against embedded systems.
supply chain
Shoddy Supply Chain Lurks Behind Mirai Botnet
In-brief: A common, China-based supplier of management software is the common thread that ties together the myriad digital video recorders, IP-based cameras and other devices that make up the Mirai botnet, according to analysis by the firm Flashpoint.
PCI Updates Security Guidance with Focus on Firmware
In-brief: The Payment Card Industry Security Standards Council (PCI Council) is raising the bar for the security of point of sale systems, with a big focus on the software (or “firmware”) that runs those systems.
Developers Gorge on Open Source Amid Worries About Quality, Security
In-brief: The use of open source software is exploding, but concerns about code quality and security in the open source supply chain persist, according to a report from the firm Sonatype.
Flaw In D-Link Software Affects 400K Devices
In-brief: A vulnerability in software by device maker D-Link is much more widespread than initially believed, affecting hundreds of thousands of Internet connected devices, including cameras, home routers, wireless access points and network attached storage.