In-brief: The security firm Bluebox says the mobile applications used with Hello Barbie contain security flaws that could lead to the theft of passwords and other information. Update: this story was updated to include comment from Bluebox and ToyTalk. PFR 12/4/2015
In-brief: Encryption keys used to secure data on- and communications between embedded devices are being recycled, creating a huge vulnerability that malicious hackers could exploit to snoop on sensitive communications or impersonate devices.
In-brief: The Online Trust Alliance, a group representing some of the largest technology and retail firms in the U.S., has proposed a framework for ensuring the privacy and security of connected devices. The OTA proposal would eliminate some of the more egregious data harvesting practices of connected device makers.
In-brief: A survey out from the firm Banyan finds that official and general repositories on Docker Hub are rife with serious and exploitable software vulnerabilities, including Heartbleed, Shellshock and Poodle.
In-brief: Tune in to our conversation with Dell CISO Alan Daines on Friday, May 29th at 1:00 PM ET. Click the image above to register!