In-brief: Encryption keys used to secure data on- and communications between embedded devices are being recycled, creating a huge vulnerability that malicious hackers could exploit to snoop on sensitive communications or impersonate devices.
Patching
ERP Opens Doors To Oil Industry Hacks | Motherboard
In-brief: the energy sector is particularly vulnerable to attack via ERP and other mission critical systems, according to a report.
Study: Serious Web Security Flaws Rampant on Embedded Devices
In-brief: three quarters of embedded systems that sport web interfaces tested by researchers at universities in Germany and France contained serious security vulnerabilities, according to a new study. The results raise more questions about the security of embedded devices including home routers and home surveillance cameras.
Update: DHS Funding Research into secure updates for Vehicles
In-brief: the Department of Homeland Security is putting $4 million towards to research projects aimed at securing connected cars. (Updated to add comments from Dan Massey of DHS. – PFR 11/10/2015)
Firm: Two iOS Exploits Could Qualify for $1 Million Bounty
In-brief: One team qualified for the $1 million bounty for a working, remote exploit or jailbreak for devices running Apples iOS 9 operating system, according to the security firm Zerodium. A second may also qualify for at least a partial bounty. However, Apple may only be informed of the holes at a later date.
