Post Tagged with: "patching"

Smart TV + Rogue App = Surveillance Device

May 24, 2016 10:300 comments
A flaw in the way Google's Android verifies mobile applications opens the door to widespread attacks, according to researchers from Bluebox Security.

In-brief: researchers have demonstrated how a snooping Android application can turn an Android based smart television set into an omnibus surveillance device. Get ready for more IoT misappropriations like this.

Read more ›

On Data Breaches: Is Our Employees Learning?

May 23, 2016 10:090 comments
Companies are doing a poor job of addressing risks posed by insiders, an Experian sponsored survey by Ponemon suggests.

In-brief: companies are doing a poor job of educating employees to prevent inadvertent data breaches and spot malicious insider activity, despite the stakes. 

Read more ›

The Worm (Re)Turns, Targets Embedded Linux AirOS

May 22, 2016 09:270 comments
Vulnerable AirMax gear from Ubiquiti networks is being targeted by an Internet worm exploiting a known hole in the AirOS embedded Linux operating system.

In-brief: A self-reproducing Internet worm is spreading globally, infecting embedded systems running AirOS, Linux-based firmware that runs hardware like wireless routers and wireless access points.

Read more ›

Another Supply Chain Mystery: IP Cameras Ship With Malicious Software

April 14, 2016 19:310 comments
A network of 900 Closed Circuit Cameras were involved in a denial of service attack against a cloud-based service said the firm Imperva.

In-brief: The discovery of a malicious link buried in software for a common IP camera sold on Amazon and other online retail outlets is just the latest example of supply chain based threats to connected products.  

Read more ›

UL Charges for Cyber Standards, Draws Scrutiny

April 13, 2016 19:252 comments
A lab at Underwriters Laboratories, circa 1946. The group is coming under fire for refusing to publish the details of its new cyber security testing standards. (Image courtesy of The Library of Congress.)

In-brief: Product testing firm Underwriters Laboratories drew scrutiny by charging for copies of new standards for connected devices. But security experts say the new UL standards are poised to have a big impact – especially in industries like medicine and critical infrastructure. 

Read more ›