The Security Ledger is proud to offer content from some of the best minds in the business world and the information security, embedded device and critical infrastructure sectors. The following is a list of our regular contributors. [envira-gallery id=”471357″]
Search Results for "embedded device"
You’re Doing NAT Wrong! One Million SOHO Routers Vulnerable
A vulnerability in more than 1 million small office and home office (or SOHO) routers makes them potentially vulnerable to remote attacks that could expose private internal network traffic to prying eyes, according to a warning posted by the firm Rapid7.
Refrigerator Spam And Other Tall Tales: The Enterprise IoT Risk
On Thursday, I will chair an excellent discussion of security and the Internet of Things at the Qualys Security Conference (QSC) in Las Vegas. The discussion has the working title “Refrigerator Spam and Other Tall Tales: Assessing the Real Internet of Things Risk for Your Organization.“ As the title suggests, we’ll be disclaiming the FUD (fear, uncertainty and doubt) that surrounds much of the IoT and security space, while also highlighting the real risks that more and diverse connected devices pose to enterprises. I’ll be joined on stage by some truly exceptional minds. Among them: Danny McPherson, the Senior Vice President and Chief Security Officer at Verisign and Jonathan Trull, Chief Information Security Officer, Qualys. (Jon was our guest at the first Security Ledger/Invincea CISO hangout last week.). On stage with us will be Chris Rezendes, the President of INEX Advisors and one of our moderators at The Security of Things Forum. We’ll also be joined […]
Compromised Website Used In Attack On SoHo Routers
The folks over at the web security shop Sucuri have an interesting post today that warns of a web-based attack launched from the site of a popular Brazilian newspaper that is targeting home broadband routers. According to Sucuri, researchers investigating a breach at the web site politica . estadao . com . br uncovered evidence that the hackers were using iframe attacks to try to change the DNS configuration on the victim’s DSL router, first by trying a brute force attack on the router’s default credentials. According to Sucuri, the payload was trying to crack default accounts like admin, root, gvt and other common usernames and a variety of known-default router passwords. Small office and home office (or SoHo) broadband routers are an increasingly common target for cyber criminals because many (most?) are loosely managed and often deployed with default administrator credentials. [Read Security Ledger coverage of home router hacks here.] In March, the firm Team Cymru published a report describing a widespread compromise of […]
Time for an Administrator of Things (AoT)? – Security Intelligence Blog
Trend Micro’s Security Intelligence Blog has an interesting post today that looks at the changing demands of networked environments populated by smart “stuff.” Their conclusion: homes and businesses might find increasing need for someone to manage smart devices. “Managing a household full of smart devices calls for the skills of both a multi-user IT administrator and a handyman. Let’s call this role the Administrator of Things (AoT).” As in the early days of business networks, this role is currently ill-defined, Trend notes, with “ordinary users” taking on AoT tasks despite “scant evidence that they are ready for it.” Trend’s Geoff Grindrod doesn’t take a strong position on what the implications of all this complexity. (“This is something that should be looked into,” the report says.) However, he does anticipate friction. “How well people can actually perform (the job of AoT) has a huge impact on their daily lives, which includes the security of their household,” […]
