A survey of more than 6,000 firmware images spanning more than a decade finds no improvement in firmware security and lax security standards for the software running connected devices by Linksys, NETGEAR and other major vendors.
Search Results for "embedded device"
Critical Flaws in VxWorks affect 200 Million Connected Things
Serious and exploitable security flaws in VxWorks, a commonly used operating system for embedded devices, span 13 years and could leave hundreds of millions* of connected devices vulnerable to remote cyber attacks and hacks. The security firm Armis on Monday published a warning about 11 critical, zero day vulnerabilities in the VxWorks operating system, which is owned and managed by the firm Wind River. The vulnerabilities expose more than 200 million devices and could allow attackers to remotely take control of everything from networked printers and security appliances to industrial and medical devices, according to Ben Seri, the Vice President of Research at Armis. Move over, EternalBlue! At least a couple of the flaws were described as “more serious” than EternalBlue, the Microsoft Windows flaw that powered both the WannaCry and NotPetya malware outbreaks. SCADA and industrial control system devices, healthcare devices like patient monitors and MRI machines, as well […]
Opinion: We need a way to talk about Cyber Physical Risk
How does a flaw potentially affecting the integrity of printer management application get a “critical” severity rating and one affecting the integrity and operation of anesthesia machines get a “moderate” severity rating? It has to do with our evolving and still immature system of rating (and therefore thinking about) cyber risk.
Introducing Securepairs.org: Fighting Infosec FUD for the Right to Repair
Cybersecurity luminaries including Bruce Schneier, Gary McGraw, Joe Grand, Chris Wysopal and Katie Moussouris are backing securepairs.org, countering industry efforts to paint proposed right to repair laws in 20 states as a cyber security risk.
Testimony: There’s No Internet of Things Risk in Repair
A proposed right to repair law in New Hampshire won’t make the Internet of Things one iota less secure. It will benefit consumers and the planet by extending the useful life of a wide range of connected devices, while making it easier to keep them secure throughout their useful life.
