In-brief: Security firms Trustwave and IOActive both announced services promising to help aspiring IoT product firms secure their products, more evidence that the Internet of Things is producing secondary markets.
In-brief: A survey out from the firm Banyan finds that official and general repositories on Docker Hub are rife with serious and exploitable software vulnerabilities, including Heartbleed, Shellshock and Poodle.
In-brief: RSA said it detected evidence of a malicious software campaign that targeted employees at point of sale vendors – a possible effort to compromise the PoS supply chain.
In-brief: Verizon said in its latest Data Breach Investigations Report that threats from Internet of Things technologies were more theory than practice in 2014, but that 2015 could see IoT devices play a role in breaches.
In-brief: Trend Micro notes that supply chain attacks are on the rise, with attackers relying on a short list of techniques including compromises of source code, firmware and so-called “watering hole” attacks.