Consumer

Europol Warns of Internet of Things Risk

In a newly released report, Europol’s European Cybercrime Center (EC3) warns that the growth of the Internet of Things (IoT) threatens to strengthen the hand of organized cyber criminal groups and make life much more difficult for police and governments that wish to pursue them. EC3’s latest Internet Organized Crime Threat Assessment (iOCTA) says the “Internet of Everything” will greatly complicate the work of law enforcement creating “new opportunities for everything from cyber criminals to state actors to child abusers. The growing numbers of connected devices will greatly expand the “attack surface” available for cyber criminal activity, the EC3 warns. Cyber criminals may co-opt connected devices for use in common criminal activity (like denial of service attacks and spam campaigns). However, advancements like connected (“smart”) vehicles and infrastructure create openings for large scale and disruptive attacks. The report, which was published late last months, is a high level position paper and pulls data mostly […]

Continue Reading

Chief Security Officer: The Toughest Job In IT?

Register now for our CISO Hangout with Jon Trull of Qualys, the former Chief Security Officer for the State of Colorado. Chief Information Security Officers (CISOs) are in the news a lot these days. The breaches at prominent corporations like Target, Home Depot and (this week) JP Morgan have solidified the consensus that the CISO is a necessary complement to the CIO. They’ve also shone a spotlight on what many consider to be the toughest job in corporate America. After all, successful cyber attacks and data breaches are the quickest path to a ruined corporate reputation. And a strong and capable CISO is increasingly seen as the best defense against such an unfortunate occurrence. (Target’s misfortune was the direct result, some argued, on its lack of a CISO.) With all that in the air, the time couldn’t be better to sit down with some of the top CISOs in industry and the public […]

Continue Reading

Unpatchable USB Malware Now Open Source | WIRED

Andy Greenberg over at Wired has an interesting piece of news coming out of last week’s Derbycon hacker conference in Louisville, Kentucky. According to Greenberg and Wired, researchers Adam Caudill and Brandon Wilson showed off their own version of Karsten Nohl and Jakob Lell’s BadUSB malware, and that they’d released the code on Github.   Their presentation raises the stakes for USB manufacturers to fix the BadUSB problem or leave hundreds of millions of users vulnerable, Greenberg writes. At a presentation at the Black Hat Briefings in August, Nohl and Lell, both of Security Research Labs (SRLabs), showed how the controller chips inside common USB devices can be reprogrammed, allowing USB peripherals to impersonate other kinds of devices.  Among other things, Nohl demonstrated how a BadUSB infected device could emulate a USB keyboard, issuing commands to a connected machine using the permissions of the logged-in user. Alternatively, an infected USB could spoof a […]

Continue Reading

FDA Issues Guidance on Security of Medical Devices

The U.S. Food and Drug Administration (FDA) issued final guidance on Wednesday that are designed to strengthen the safety of medical devices. The FDA called on medical device manufacturers to consider cyber security risks as part of the design and development of devices. The document, “Content of Premarket Submissions for Management of Cybersecurity in Medical Devices,” asks device makers to submit documentation to the FDA about any “risks identified and controls in place to mitigate those risks” in medical devices. The guidance also recommends that manufacturers submit documentation of plans for patching and updating the operating systems and medical software that devices run. The document, which will be released on Thursday, does not contain specific requirements. Rather, it describes the kinds of things that medical device manufacturers should consider when preparing pre-market submissions for medical devices in areas such as information confidentiality, integrity, and availability, the FDA said. The release of the document follows the […]

Continue Reading

3G Module Just 26mm Wide OK’d by AT&T| ITworld

Steve Lawson at IDG News Service has an interesting article that notes AT&T’s certification of the U-blox SARA-U260 model, which is dubbed “the world’s smallest 3G module.” The 16 x 26 millimeter device is seen as a harbinger of the kind of low power device that will greatly expand the Internet of Things.   The SARA-U260 is designed to transmit small amounts of data over 3G networks and could enable a new generation of even smaller and smarter devices – from Smartmeters to wearable technology to connected cars. The U260 has features that support applications from voice calling to auto industry telematics to retail point-of-sale terminals and handheld devices, according to U-blox. It uses A-GPS (Assisted Global Positioning System) and a technology called CellLocate that uses nearby cellular towers to triangulate a location in situations where GPS isn’t available. 3G and 2G networks are being replaced by 4G and even 5G networks for most consumer smart phones. But the technology still works great […]

Continue Reading
1 39 40 41 42 43 87