It has been reported that Israeli security firm JSOF revealed today a collection of vulnerabilities it’s calling Ripple20, a total of 19 hackable bugs it has identified in code sold by a little known Ohio-based software company called Treck, a provider of software used in internet-of-things devices.
JSOF’s researchers found that one bug-ridden part of Treck’s code, built to handle the ubiquitous TCP-IP protocol that connects devices to networks and the internet, in the devices of more than 10 different manufacturers—from HP and Intel to Rockwell Automation, Caterpillar, and Schneider Electric—and likely dozens more, JSOF believes. The result, the researchers say, is the better part of a billion hackable devices in the wild that have likely been vulnerable for years, and will need to be patched to protect them from a broad array of attacks.
Experts Comments
Be part of our growing Information Security Expert Community (1000+), please register here.
Linkedin Message
@Jonathan Knudsen, Senior Security Strategist , provides expert commentary at @Information Security Buzz.
"Nevertheless, something will always go wrong and updates will always be necessary. ..."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/a-legion-of-bugs-puts-hundreds-of-millions-of-iot-devices-at-risk
Facebook Message
@Jonathan Knudsen, Senior Security Strategist , provides expert commentary at @Information Security Buzz.
"Nevertheless, something will always go wrong and updates will always be necessary. ..."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/a-legion-of-bugs-puts-hundreds-of-millions-of-iot-devices-at-risk