In a recent cyber threat report, McAfee provided some good intelligence on how cybercriminals use Mirai attacks to infect poorly configured Internet of Things (IoT) devices and turn them into bots used for large scale network attacks.
The Verizon security team recently announced the first Data Breach Digest, a series of 18 cybercrime cases the team investigated. The Verizon team starts with a sneak peek of one of the case studies that describes how a university was attacked by an IoT botnet consisting of over 5,000 infected hosts. The study concludes with 12 good lessons learned from the attack.
A new malware campaign was responsible for sending 23 million emails containing Locky ransomware in just 24 hours earlier this week.
To help organizations prepare for Internet of Things (IoT) threats, we outline some key security recommendations for IoT authorization, authentication and access control.
Security firm Sucuri warned back in June how compromised CCTV devices were used in multiple denial-of-service (DDoS) attacks every day. In the report, nearly 25,000 compromised devices from all over the world were used in various attacks on small businesses.
In this article, we highlight some key points from a recent Cloud Security Alliance (CSA) IoT report, to include hardware-based controls to enhance security of IoT products. The CSA IoT Working Group report, is titled "Future-proofing the Connected World: 13 Steps to Developing Secure IoT Products."
In this article, we highlight some key points from a recent Cloud Security Alliance (CSA) IoT Working Group report, "Future-proofing the Connected World: 13 Steps to Developing Secure IoT Products," to include guidance on how to establish a framework, platform and privacy protections to enhance security of IoT products.
A working group from the Cloud Security Alliance (CSA) published a report to help guide Internet of Things (IoT) developers and designers with security controls in 13 key areas to improve security in IoT products. The security guidance covers secure development, platform security, data/privacy protection, key management and secure communications, just to name a few.