mobile devices

Rapid7 found flaws in web based servers used to manage Fuze's collaboration tools like phones and handsets - an increasingly common problem on the Internet of Things. (Image courtesy of Fuze.)

IoT’s Cloud Risk on Display with Flaws in Fuze Collaboration Platform

In-brief: Rapid7 said it found a number of flaws that leaked data on users of collaboration technology by Fuze. In an increasingly common finding: poorly secured cloud resources, not the handsets, were the problem. 

The European Commission is contemplating labels for Internet connected devices that inform consumers about their security and privacy practices.

German Electronics Store Sued for Selling Un-Patchable Android Phones

In-brief: That’ll be $99, or $150 without the vulnerabilities! A lawsuit in Germany is trying to force stores to come clean about security holes in the products they sell to consumers. 

the U.S. Justice Department has formed a threat analysis team to study potential national security challenges posed by self-driving cars, medical devices and other Internet-connected tools.

Podcast – Smart Vehicle Security: A Report from the Lab

In-brief: In this Security Ledger podcast, Paul speaks with Sameer Dixit of Spirent Security Labs, a leading tester of connected (“smart”) vehicles. Truly secure, connected vehicles may be years away, he says. In the meantime, security flaws and poorly implemented features are a major issue, Dixit says, with many car companies still preferring bolt on security fixes over secure design. 

Many of the CIA hacking tools disclosed by Wikileaks target known or patched security holes, security experts say.

MEH CIA: Agency’s Hacking Tools Targeted Known, Patched Holes

In-brief: Two days after the site Wikileaks dumped thousands of pages of information about covert CIA hacking tool, the security and technology communities have weighed in. Their verdict? Meh. 

The FTC announced a $2.2 million settlement with smart TV maker Vizio after the company was caught selling customer viewing information without consent.

TV Maker Vizio Settles with FTC Over Selling Viewer Data

In-brief: Smart TV maker VIZIO agreed to pay $2.2 million to the FTC and the State of New Jersey to settle charges that it collected the viewing history of some 11 million smart televisions without users’ consent. The settlement stems from a 2014 case and requires the company to “prominently disclose and obtain affirmative express consent” for data collection and sharing.