Malware

The tactics of cyber criminal hacking crews are indistinguishable from those of sophisticated, state sponsored "advanced persistent threat" groups, the firm FireEye said in its most recent M-Trends report.

Report: Hacking Crews are all APT now

  In-brief:The tactics of cyber criminal hacking crews are indistinguishable from those of sophisticated, state sponsored “advanced persistent threat” groups, the firm FireEye said in its most recent M-Trends report.

In just the last week, remotely exploitable security holes cropped up in hundreds of models of IP enabled security cameras and recorders as well as a popular line of network attached storage (NAS) devices. The culprit? Shoddy firmware and lax oversight.

Merchants of Doh! Cameras, DVRs, NAS Fall Down on Security

In-brief: In just the last week, remotely exploitable security holes cropped up in hundreds of models of IP enabled security cameras and recorders as well as a popular line of network attached storage (NAS) devices. The culprit? Shoddy firmware and lax oversight by vendors. When will it end??

Consumer Reports said new standards will push better security and privacy protections for connected products.

Consumer Reports Publishes Draft Cyber Standard

In-brief: Consumer Reports released a draft standard for security digital devices, calling on manufacturers to secure their products and give consumers the right to repair them. 

Reports by security researchers say that hundreds of thousands of customers of CloudPets had their information exposed online in an unsecured customer database.

Updated: The CloudPets Incident is Everything That’s Wrong with Consumer Internet of Things

In-brief: the apparent leak of data on owners of CloudPets connected stuffed animals underscores lax security and privacy practices that are common among connected products firms. (Updated with comment from Troy Hunt. PFR 2/28/2017.)

AT&T said it saw a spike in scans for vulnerable IoT devices in the months leading up to the Mirai botnet attacks. (Image courtesy of AT&T)

AT&T: Mirai’s Rise Seen in IoT Vulnerability Scans

In brief: In a new report, Internet provider AT&T said that scans for vulnerable IoT devices spiked in the first half of 2016, months before the Mirai botnet, made up largely of IoT devices, launched denial of service attacks on DYN and other targets.