There are plenty of standards that can be used to help secure The Internet of Things, but not much evidence that they’re being used, according to NIST, which calls on government and industry to settle on conforming standards for IoT products in a new report.
Consumer Reports warns that smart TVs by Samsung and other vendors are vulnerable to disorienting remote attacks.
Podcast: Play in new window | Download (Duration: 43:24 — 49.7MB)Subscribe: Android | Email | Google Podcasts | RSSIn this week’s episode of The Security Ledger Podcast (#82), we take a look at Autosploit, the new Internet of Things attack tool that was published on the open source code repository Github last week. Brian Knopf of the firm Neustar joins us to talk about what the new tool might mean for attacks on Internet of Things endpoints in 2018. Also: the go-live date for the EU General Data Protection Regulation is just months away, but many firms are still unaware that the regulation even exists. We’ll hear two reports from the front lines of GDPR, first from Sam Peifle of the International Association of Privacy Professionals and then by Shane Nolan of IDA, the Irish Development Authority.
Podcast: Play in new window | Download (Duration: 39:57 — 45.7MB)Subscribe: Android | Email | Google Podcasts | RSSIn this week’s podcast: researcher Kevin Fu of University of Michigan discusses his work on attacks that use physics to manipulate connected devices. Also: Mark Loveless of DUO discusses his research into how poor implementation of wireless protocols make personal security trackers a privacy risk. And have we seen peak ransomware? Adam Kujawa of the firm Malwarebytes joins us to talk about the findings of that company’s State of Malware Report.
Podcast: Play in new window | Download (Duration: 36:28 — 41.7MB)Subscribe: Android | Email | Google Podcasts | RSSIn this week’s Security Ledger Podcast, Episode – number 80 – we look at Advanced Persistent Threat (or APT) actors three ways with three different experts offering their take on the world’s most sophisticated hacking groups in Russia, North Korea and the Middle East.