Are IoT (Internet of Things) devices security time bombs waiting to explode, or just benign and hugely-beneficial technological advances? As ever, the truth is somewhere in between, but there is a very simple test you can apply to assess which end of the spectrum a device sits at: ‘It depends’. IT decision-makers were asked to identify the main barriers when implementing or exploiting an IoT initiative: Device or data security was named as a factor by 39 percent of respondents, (the biggest consensus of the survey), while 34 percent named a lack of clarity of purpose or understanding of the…
ISBuzz Team
Following today’s announcement from Cifas that ID fraud has reached record levels, Paco Garcia, CTO, Yoti commented below. Paco Garcia, CTO at Yoti: “Today’s identity fraud figures from Cifas highlight a growing trend that’s, unfortunately, affecting more people every day. While peoples’ desire for convenience often trumps security concerns, it’s clear that individuals need greater support to operate both conveniently and securely in an increasingly digital world. “Websites need to prMuhammedotect customers by giving them a better, safer way to create and access online accounts. Once websites overcome this secure login challenge, we’ll be on the way to overcoming the…
The New York Times has reported that hackers are targeting mobile phone numbers to gain access to consumers’ online accounts. According to the Times, hackers have increasingly been calling up Verizon, T-Mobile U.S., Sprint and AT&T and asking them to transfer control of a victim’s phone number to a device under the hacker’s control. The hacker then resets the passwords on every account that uses the phone number as a security backup. Ryan Wilk, VP at NuData Security commented below. Ryan Wilk, VP at NuData Security: “Identifying true customers online is a herculean challenge for even the savviest of technology companies and, in this case, providers.…
News has surfaced that security researchers were able to hack into a popular house robot and program it to wield a screwdriver and stab violently at a tomato. The hack is an example of how potentially dangerous these systems can be when hacked. Cesare Garlati, chief security Strategist at the prpl Foundation commented below. Cesare Garlati, chief security Strategist at the prpl Foundation: “With the introduction of robots making their way into our homes and in industrial settings, the appeal is to make human lives more efficient. However, robots present an extreme danger to the public if security is not properly addressed.…
Kaspersky Lab has released a beta version of its solution for the “smart” home and the Internet of Things – Kaspersky IoT Scanner. This free application for the Android platform scans the home Wi-Fi network, informing the user about the devices connected to it and their level of security. As the Internet of Things continues to increase in popularity, cybercriminals are eagerly looking for ways to take advantage of this growing trend. Instead of making life easier for their owners, smart devices are increasingly becoming a weak link in their security. According to analytical data from Gartner, over six billion IoT…
The National Infrastructure Advisory Council has issued a report that says while both government and the private sector have resources to secure critical infrastructure against targeted cyberattacks, they are not properly organized, harnessed or focused. Edgard Capdevielle, CEO at Nozomi commented below. Edgard Capdevielle, CEO at Nozomi: “The National Infrastructure Advisory Council (NIAC) report on Securing Critical Assets brings needed attention to the urgency of securing critical infrastructure. One way operators of power, water, transportation and other vital sectors can immediately improve their readiness, is to implement technology that provides real-time visibility to their cybersecurity threats and risks. This is in…
Every day hackers grow bolder as their cyberattacks gain more potential for reward. Many large-scale companies have grappled with breaches including Sony, Target, FedEx, Honda, Nissan, Renault, Verizon and more. The nature of attacks is changing and becoming more focused on sensitive consumer data. Thanks to ransomware and deep mining malware, hackers are collecting information and using it to make a quick buck. Armed with a list of names, addresses, emails, credit and payment info, and much more, the unscrupulous can sell these assets on the open market to the highest bidder. Of course, once in the hands of someone…
ESET Ireland has identified another potentially dangerous phishing scam that aims to gather Microsoft Office 365 logins via a faked FedEx email. The cybercriminals are sending a fresh email that looks like it’s coming from FedEx and says “you have an important package waiting” and offers a link where you can “track” it. Clicking the link takes you to a phishing page, on what appears to be a compromised Indian website, which asks you to sign in with your Office 365 details in order to “confirm delivery address”. Once you hand over your Office 365 logins to the cybercriminals, for them to…
Kyle Lady, Senior R&D Engineer, Duo Security commented below on the story regarding attackers exploiting two-factor authentication by using a phone numbers to gain access to victim’s devices. Kyle Lady, Senior R&D Engineer at Duo Security: “We agree that there are stronger forms of authentication than SMS (such as push and U2F), as SMS and email-based authentication are vulnerable to interception via ISP sniffing or phone cloning. However, we also believe that some form of second factor authentication is better than none at all – and before we throw the baby out with the bathwater, we need to consider adoption rates,…
News broke today that 25 footballers who were using Therapeutic Use Exemptions (TUE’s) during the 2010 world cup have been named by the infamous Fancy Bears hacking group. Former premier league footballers such as Carlos Tevez, Dirk Kuyt and Gabriel Heinze are among those named. IT security experts from DomainTools and AlienVault commented below. Kyle Wilhoit, Senior Cybersecurity Threat Researcher at DomainTools: “This data dump is yet another example of the importance of security measures to protect all kinds of data. While it’s safe to assume the release of this information has been done for politically motivated reasons, such data being released means they could have…
