In-brief: a little more than a month after revealing that it was working on guidelines for securing The Internet of Things, the Department of Homeland Security (DHS) on Tuesday published a set of what it calls “strategic principles” for IoT security.
In-brief: The security firm Rapid7 said it is launching a consulting and advisory service to help companies design more secure Internet of Things products and assess the risk of deploying IoT products in corporate environments.
In-brief: Governments looking to deploy ‘smart city’ technologies are still failing to pay enough attention to security and privacy issues, according to researcher Cesar Cerrudo.
The folks over at SCADA Strangelove turned me on to this article from the International Railway Journal that presents the findings of an analysis of the security of industrial control and SCADA systems used to manage railway networks. The conclusion: railways are rife with “faults and vulnerabilities (that will) allow cyber criminals to not only degrade key reliability parameters and bypass safety mechanisms (and) carry out attacks which directly affect rail traffic safety.” The study was conducted by Valentin Gapanovic, the senior vice president of Russian Railways, Efim Rozenberg, the first deputy director general at the Moscow based research firm NIIAS JSC and Kaspersky Lab Deputy Chief Technology Officer Sergey Gordeychik. At issue is not just the systems that are used to manage railway networks, including the movements of trains and critical switching systems that configure tracks. Rather: it is the culture of safety and security in the rail sector which, the study concludes, is still silo’d between physical […]
In-brief: A vulnerability in software by device maker D-Link is much more widespread than initially believed, affecting hundreds of thousands of Internet connected devices, including cameras, home routers, wireless access points and network attached storage.
