Tag: conferences

FTC Bows Out Of IOT Conference Amid Shutdown

Attendees at a high-level summit to discuss the fast-emerging Internet of Things in Washington D.C. were informed that a scheduled talk by Federal Trade Commission (FTC) Chairwoman Edith Ramirez would not take place because of a U.S. Government shutdown that began at Midnight. Ramirez was scheduled to address the 2013 M2M & Internet of Things Global Summit on Tuesday morning on “The FTC’s Interest in the Internet of Things,” but conference attendees told The Security Ledger that Ramirez was forced to cancel her talk because of a government shutdown. “Attendees were told she could not give it due to the shutdown,” said Torrey Barrett, a marketing professional attending the event, reported via Twitter. Ramirez was scheduled to speak at 9:00 AM on Tuesday as one of a series of keynote speakers, just after Michael Nelson (@MikeNelson), Microsoft’s Principal Technology Policy Strategist and just ahead of Chris Vein, a former deputy […]

Continue Reading

Podcast: Securing The Internet of Things

One of the most vexing problems created by the fast-evolving Internet of Things is how to secure the massive trove of data that is transmitted and then stored by smart devices such as automobiles, consumer and household electronics and personal devices. As we’ve seen, private sector firms have been aggressive in leveraging new technology to connect their products to the Internet. But less thought has been given to the security and privacy implications of doing so. Now people are starting to take notice. In recent weeks,  the FTC settled a case with a California firm, TRENDNet over balky home surveillance cameras they sold – cameras that were discovered to be easily discoverable and hackable from the public Internet. But, with so many cooks in the IoT kitchen (so to speak), where does responsibility for securing technology lie? Recently, I chatted with an expert on security and the Internet of Things. […]

Continue Reading

Insecure At Any Speed: Are Automakers Failing The Software Crash Test?

Editor’s Note: You can view the rest of my conversation about application and supply chain security, featuring Joshua Corman of Akamai and Chris Wysopal of Veracode by visiting Veracode’s web site. – PFR  You’re in the market for a new car, and you’ve made a list of the features you want: a cool, tablet style interface for the audio and navigation system, side impact airbags for the front and rear compartment, a pop-up third row of seating. Heck, maybe you even want to hold out for the automatic seat temperature control that some Lexus cars now come with. While you’re at it, how about some secure software, too? That last item probably isn’t on most buyers’ check list today, but it may be soon, according to two, prominent security experts: Chris Wysopal, of Veracode, and Joshua Corman of Akamai. Speaking on Talking Code, an exclusive video hosted by The Security Ledger […]

Continue Reading

Social Engineering Behind Syrian Hack Of NYT, Twitter?

How do you take some of the world’s largest online brands offline in a matter of minutes? If yesterday’s events are any guide, you do it by finding a gullible employee at vulnerable, downstream partner that those companies didn’t even know they had. That’s the lesson that appears to be emerging in the aftermath of yesterday’s chaotic tug of war between hackers who claim affiliation with The Syrian Electronic Army and some of the world’s leading online brands, including The New York Times, Twitter and Huffingtonpost.com. The attacks on Tuesday saw traffic to sites owned by those firms directed to web servers controlled by the attackers which displayed messages in support of the regime of embattled President Bashar al-Assad. According to a story in The New York Times, the attackers were able to compromise systems operated by Melbourne IT, an Australian domain registrar used by many prominent firms. With access to […]

Continue Reading

New Mobile Malware Taps Ad Networks To Spread

It was only a couple weeks back that we wrote about new research from the folks at WhiteHat Security that posited a way for mobile ad networks to be gamed and used to distribute malicious code. Now it looks as if the bad guys were one step ahead, as researchers at Palo Alto Networks reveal new type of malicious Android malware that uses mobile ad networks to infect vulnerable devices. Palo Alto described the new, malicious mobile software, dubbed “Dplug,” in a blog post on Monday. The company said the malware authors appear to be leveraging second tier mobile ad networks, mostly in Russia and the former Soviet Republics), to distribute their wares. The Dplug malware takes advantage of the deep integration between mobile applications and mobile advertising networks to gain a foothold on infected devices, then send out messages to premium SMS services to generate money for the fraudsters, according […]

Continue Reading
1 25 26 27 28 29 31