2021, Architecture, Blog and IoT - Cyber Security Informer

Attacks Escalating Against Linux-Based IoT Devices

eSecurity Planet

JANUARY 20, 2022

Incidents of malware targeting Linux-based Internet of Things (IoT) devices jumped by more than a third in 2021, with three malware families the primary drivers behind the increase. There was a 10-fold increase in the number of samples of Mozi found in the wild, Mihai Maganu, a threat researcher at CrowdStrike, wrote in a blog post.

IoT

IoT DDOS Malware Internet

Guest Blog: TalkingTrust. What’s driving the security of IoT?

Thales Cloud Protection & Licensing

MARCH 10, 2021

Guest Blog: TalkingTrust. What’s driving the security of IoT? Thu, 03/11/2021 - 07:39. First off, connected vehicles and IoT devices are highly attractive targets to hackers. Many IoT products in the market today will outlive the validity of cryptographic algorithms they use to protect devices and encrypt sensitive data.

IoT

IoT Firmware Manufacturing Encryption

Hyperautomation and Cybersecurity – A Platform Approach to Telemetry Architectures

McAfee

AUGUST 3, 2021

The rise of telemetry architectures, combined with cloud adoption and data as the “new perimeter,” pose new challenges to cybersecurity operations. It all begins with the build-up of an appropriate telemetry architecture, and McAfee Enterprise’s billion-sensor global telemetry is unmatched. Workflows are effortless to orchestrate.

Architecture

Architecture Cybersecurity Cyber threats Artificial Intelligence

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Use cases of secure IoT deployment

Thales Cloud Protection & Licensing

MAY 31, 2021

Use cases of secure IoT deployment. Tue, 06/01/2021 - 06:55. In our previous blog post , we discussed the challenges for securing IoT deployments, and how businesses and consumers benefit from authenticating and validating IoT software and firmware updates. Use case 1: Fortune 500 Healthcare Company.

IoT

IoT Computers and Electronics Manufacturing Firmware

GUEST ESSAY: Remote workforce exposures exacerbate cybersecurity challenges in 2021

The Last Watchdog

MARCH 31, 2021

The start of 2021 brings forth a cyber security crossroads. Ransomware and fileless malware breaches will rapidly continue to destabilize businesses in 2021. One proven way to overcome these kinds of attacks is by implementing zero trust architecture. Related: Breaches spike during pandemic.

Cybersecurity

Cybersecurity Architecture Authentication Malware

Enemybot, a new DDoS botnet appears in the threat landscape

Security Affairs

APRIL 17, 2022

The botnet targets multiple architectures, including arm, bsd, x64, and x86. The Enemybot botnet employs several methods to spread and targets other IoT devices. Then the script downloads the actual Enemybot binary which is compiled for the target device’s architecture. Upon installing the threat, the bot drops a file in /tmp/.pwned

DDOS

DDOS Architecture Malware Cybercrime

EnemyBot malware adds new exploits to target CMS servers and Android devices

Security Affairs

MAY 30, 2022

The botnet targets multiple architectures, including arm, bsd, x64, and x86. The Enemybot botnet employs several methods to spread and targets other IoT devices. The botnet was first discovered by Fortinet in March, the DDoS botnet targeted several routers and web servers by exploiting known vulnerabilities.

Malware

Malware DDOS IoT Cybercrime

Cloud API Services, Apps and Containers Will Be Targeted in 2022

McAfee

NOVEMBER 14, 2021

In this blog, we take a deeper dive into cloud security topics from these predictions focusing on the targeting of API services and apps exploitation of containers in 2022. 5G and IoT Traffic Between API Services and Apps Will Make Them Increasingly Lucrative Targets. billion IoT devices are expected to be in use worldwide by 2025.

IoT

IoT Risk Marketing Software

Zero Trust Is (also) About Protecting Machine Identities

Security Boulevard

SEPTEMBER 30, 2022

A key principle of a Zero Trust architecture, as defined in NIST SP 800-207 , is that no network is implicitly trusted. of all internet activity in 2021 , up from 40.8% Consumer devices, like smartphones and IoT gadgets. Hence, all network traffic “must be encrypted and authenticated as soon as practicable.” UTM Medium.

IoT

IoT Authentication Encryption Architecture

BotenaGo strikes again – malware source code uploaded to GitHub

CyberSecurity Insiders

JANUARY 26, 2022

In November 2021, AT&T Alien Labs™ first published research on our discovery of new malware written in the open-source programming language Golang. Alien Labs expects to see new campaigns based on BotenaGo variants targeting routers and IoT devices globally. Executive summary. The team named this malware “BotenaGo.”

Malware

Malware IoT Authentication Antivirus

Uncommon infection methods—part 2

SecureList

APRIL 13, 2023

In this blog post, we provide excerpts from the recent reports that focus on uncommon infection methods and describe the associated malware. RapperBot then determines the processor architecture and infects the device. Recently we explored the topic of infection methods, including malvertising and malicious downloads.

Malware

Malware Engineering Advertising Phishing

Smart Government and IoT: The Importance of Integration

McAfee

APRIL 7, 2020

While its meaning varies for each stakeholder, the public sector – smart government – is evolving toward a unified architecture that encourages integration, agile innovation, and information sharing across platforms and Agencies. It is forecasted that the number of connected IoT devices will surpass 25 billion by 2021.

IoT

IoT Government Artificial Intelligence Architecture

New BotenaGo variant specifically targets Lilin security camera DVR devices

Security Affairs

APRIL 19, 2022

The BotenaGo botnet was first spotted in November 2021 by researchers at AT&T, the malicious code leverages thirty-three exploits to target millions of routers and IoT devices. file downloads Mirai payloads compiled for multiple architectures and attempts to execute them on the compromised device. To nominate, please visit:?

Malware

Malware IoT Antivirus Architecture

Easily Exploitable Linux Flaw Exposes All Distributions: Qualys

eSecurity Planet

JANUARY 26, 2022

The vulnerability, tracked as CVE-2021-4034 , has “been hiding in plain sight” for more than 12 years and infects all versions of polkit’s pkexec since it was first developed in 2009, Bharat Jogi, director of vulnerability and threat research at Qualys, wrote in a blog post. Log4Shell is tracked as CVE-2021-44228.

Manufacturing

Manufacturing IoT Software DDOS

CrowdStrike Adds New Strategic Partners to Groundbreaking CrowdXDR Alliance

CyberSecurity Insiders

DECEMBER 20, 2021

.–( BUSINESS WIRE )– CrowdStrike Inc. , (Nasdaq: CRWD), a leader in cloud-delivered protection of endpoints, cloud workloads, identity and data, today announced that it has expanded the CrowdXDR Alliance to include key strategic partners across technology categories, including cloud, Internet of Things (IoT) and network.

IoT

IoT Technology Artificial Intelligence Architecture

Ransomware rolled through business defenses in Q2 2022

Malwarebytes

JULY 13, 2022

Hive ransomware, a RaaS launched in June 2021, was also busy in March. To add insult to injury, REvil (aka Sodonokibi) appeared to return in April with new payloads and a fresh leak blog featuring a mixture of recent and old victims. This allows the malware to run on different combinations of operating systems and architectures.

Ransomware

Ransomware Manufacturing Government Computers and Electronics

How to Interpret the Various Sections of the Cybersecurity Executive Order

Security Boulevard

JUNE 22, 2021

The Biden administration released a new executive order for cybersecurity on May 12, 2021. It sets the groundwork for moving the Federal Government to secure cloud services and a zero-trust architecture. Wysopal is a strong proponent of the labeling program, comparing it to programs used in the UK and Singapore on IoT devices.

Cybersecurity

Cybersecurity Government Software Architecture

How to Interpret the Various Sections of the Cybersecurity Executive Order

Veracode Security

JUNE 22, 2021

The Biden administration released a new executive order for cybersecurity on May 12, 2021. It sets the groundwork for moving the Federal Government to secure cloud services and a zero-trust architecture. Wysopal is a strong proponent of the labeling program, comparing it to programs used in the UK and Singapore on IoT devices.

Cybersecurity

Cybersecurity Government Software Architecture

Cisco’s Vision for SASE and a Brand New Offer to Kickstart Your Journey

Cisco Security

MARCH 30, 2021

This blog was written in collaboration with James Mobley. This drives the need to rethink the traditional network architecture, and the concept of a secure access service edge (SASE) emerged as a result. Cisco’s SASE architecture secures and optimizes your connectivity so you can deliver the best application experiences.

Architecture

Architecture Internet Internet Authentication

Understanding Certificate Automation Protocols

Security Boulevard

APRIL 4, 2022

The previous version, ACME v1, was deprecated on June 1st, 2021. On September 15, 2021, the DNS records for acme-v01.api.letsencrypt.org You can read all about the key points of how ACME works in this blog. Today the protocol has become a standard ( RFC 8555 ). api.letsencrypt.org were removed. But first, a quick refresher.

Encryption

Encryption Authentication DNS Risk

Cyber Security Roundup for March 2021

Security Boulevard

FEBRUARY 28, 2021

roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, February 2021. The sudo vulnerability aka CVE-2001-3156 , seemed to go under the radar after it was announced and patches were released on 26th January 2021. Npower App Hack.

Energy and Utilities

Energy and Utilities Ransomware DDOS Accountability

Cyber Security Informer

Attacks Escalating Against Linux-Based IoT Devices

Guest Blog: TalkingTrust. What’s driving the security of IoT?

Webinars

Trending Sources

Hyperautomation and Cybersecurity – A Platform Approach to Telemetry Architectures

Webinars

Use cases of secure IoT deployment

GUEST ESSAY: Remote workforce exposures exacerbate cybersecurity challenges in 2021

Enemybot, a new DDoS botnet appears in the threat landscape

EnemyBot malware adds new exploits to target CMS servers and Android devices

Cloud API Services, Apps and Containers Will Be Targeted in 2022

Zero Trust Is (also) About Protecting Machine Identities

BotenaGo strikes again – malware source code uploaded to GitHub

Uncommon infection methods—part 2

Smart Government and IoT: The Importance of Integration

New BotenaGo variant specifically targets Lilin security camera DVR devices

Easily Exploitable Linux Flaw Exposes All Distributions: Qualys

CrowdStrike Adds New Strategic Partners to Groundbreaking CrowdXDR Alliance

Ransomware rolled through business defenses in Q2 2022

How to Interpret the Various Sections of the Cybersecurity Executive Order

How to Interpret the Various Sections of the Cybersecurity Executive Order

Cisco’s Vision for SASE and a Brand New Offer to Kickstart Your Journey

Understanding Certificate Automation Protocols

Cyber Security Roundup for March 2021

Stay Connected