There are plenty of standards that can be used to help secure The Internet of Things, but not much evidence that they’re being used, according to NIST, which calls on government and industry to settle on conforming standards for IoT products in a new report.
The UK’s Foreign Office Minister Lord Ahmad said that the UK Government believes Russia was responsible for the destructive NotPetya cyber-attack of June 2017. How can they be sure? We look at five, strong clues pointing back to the Kremlin.
Podcast: Play in new window | DownloadSubscribe: Android | RSSIn this week’s Security Ledger Podcast (#83): McAfee Chief Scientist Raj Samani talks to us about that company’s research into a string of targeted attacks on the organizers of the 2018 Winter Olympics in PyeongChang, South Korea. Also: information on 12,000 YouTube stars, Instagram power users and other online influencers was leaked online by the French firm Octoly. We interview Chris Vickery of UpGuard, who found the data trove. And: Google says it will start playing tough with web sites that haven’t made the cutover to secure HTTP come July. Jeremy Rowley of the firm DigiCert* joins us to talk about what that will mean for web sites that haven’t kicked the HTTP habit.
Podcast: Play in new window | DownloadSubscribe: Android | RSSIn this week’s episode of The Security Ledger Podcast (#82), we take a look at Autosploit, the new Internet of Things attack tool that was published on the open source code repository Github last week. Brian Knopf of the firm Neustar joins us to talk about what the new tool might mean for attacks on Internet of Things endpoints in 2018. Also: the go-live date for the EU General Data Protection Regulation is just months away, but many firms are still unaware that the regulation even exists. We’ll hear two reports from the front lines of GDPR, first from Sam Peifle of the International Association of Privacy Professionals and then by Shane Nolan of IDA, the Irish Development Authority.
Loosely attended smart home appliances may be platforms for cryptocurrency mining scams, a researcher with the firm IOActive warns.