Despite their availability on mobile networks and thus increased exposure to outside security threats, SCADA apps remain highly insecure and vulnerable to attack, putting critical industrial control systems at immediate and increased risk, researchers at IOActive and Embedi have found.
Internet of Things
Two years after it was cited for security and privacy violations in its connected toys, VTech Electronics Ltd. has been fined by the U.S. government for violations of a federal law protecting children’s online privacy.
Security researchers warned of a serious vulnerability in a GPS service by the China-based firm ThinkRace exposes sensitive data in scores of GPS services, more than two years after the hole was discovered and reported to the firm. (Update: added comment from John van den Oever, the CEO of one2track B.V – PFR 1/3/2018)
Podcast: Play in new window | DownloadSubscribe: Android | RSSIn this week’s edition of The Security Ledger Podcast we talk with security researcher and data spelunker Chris Vickery of the firm UpGuard about his discovery of a data trove containing consumer profiles on 123 million American households. Also: there’s a tough new standard for handling federal data come January 1st in the form of NIST’s 800-171 standard. And: Katie Moussouris joins us back in the studio to talk about what the updated Wassenaar Arrangement means for security researchers.
Microsoft is developing a secure processor for The Internet of Things under the banner of Project Sopris, Wired reports.