Blog and IoT - Cyber Security Informer

Weekly Update 219: IoT Unravelled with Scott Helme

Troy Hunt

NOVEMBER 28, 2020

Blog post every day, massive uptick in comments, DMs, newsletter subscribers, followers and especially, blog traffic. More than 200,000 unique visitors dropped by this week, mostly to read about IoT things. This has been a fascinating experience for me and I've enjoyed sharing the journey, complete with all my mistakes ??

IoT

IoT Firmware Password Management Passwords

IoT Unravelled Part 3: Security

Troy Hunt

NOVEMBER 25, 2020

In part 1 of this series, I posited that the IoT landscape is an absolute mess but Home Assistant (HA) does an admirable job of tying it all together. As with the rest of the IoT landscape, there's a lot of scope for improvement here and also just like the other IoT posts, it gets very complex for normal people very quickly.

IoT

IoT Firmware Risk Encryption

IoT Unravelled Part 4: Making it All Work for Humans

Troy Hunt

NOVEMBER 25, 2020

The first few parts of this series have all been somewhat technical in nature; part 1 was how much of a mess the IoT ecosystem is and how Home Assistant aims to unify it all, part 2 got into the networking layer with both Wi-Fi and Zigbee and in part 3 , I delved into security. Now let's tackle something really tricky - humans.

IoT

IoT Firmware Marketing Media

MY TAKE: Why companies and consumers must collaborate to stop the plundering of IoT systems

The Last Watchdog

NOVEMBER 9, 2020

The Internet of Things (IoT) has come a long, long way since precocious students at Carnegie Melon University installed micro-switches inside of a Coca-Cola vending machine so they could remotely check on the temperature and availability of their favorite beverages. Related: Companies sustain damage from IoT attacks That was back in 1982.

IoT

IoT Healthcare Internet Internet

MY TAKE: Why DDoS weapons will proliferate with the expansion of IoT and the coming of 5G

The Last Watchdog

MARCH 28, 2019

Related: IoT botnets now available for economical DDoS blasts. His blog, Krebs on Security , was knocked down alright. And since Dyn routed traffic, not just to Krebs’ blog, but also to Twitter, Spotify, Netflix, Amazon, Tumblr, Reddit and PayPal, those popular websites were offline for some 12 hours, frustrating millions.

DDOS

DDOS IoT DNS Internet

IoT Inspector Tool from Princeton

Schneier on Security

MAY 1, 2018

Researchers at Princeton University have released IoT Inspector , a tool that analyzes the security and privacy of IoT devices by examining the data they send across the Internet. They've already used the tool to study a bunch of different IoT devices. Related: IoT Hall of Shame. Some examples include: Samsung Smart TV.

IoT

IoT Manufacturing Encryption DNS

KrebsOnSecurity Hit With Near-Record 6.3 Tbps DDoS

Krebs on Security

MAY 20, 2025

The brief attack appears to have been a test run for a massive new Internet of Things (IoT) botnet capable of launching crippling digital assaults that few web destinations can withstand. Read on for more about the botnet, the attack, and the apparent creator of this global menace. For reference, the 6.3 Image: Cloudflare.

DDOS

DDOS IoT Internet Internet

Inside Water Barghest’s Rapid Exploit-to-Market Strategy for IoT Devices

Trend Micro

NOVEMBER 17, 2024

In this blog entry, we discuss Water Barghest's exploitation of IoT devices, transforming them into profitable assets through advanced automation and monetization techniques.

IoT

IoT Marketing

Weekly Update 179

Troy Hunt

FEBRUARY 21, 2020

On reflection, I feel this week's update was dominated by having a laugh at an IoT candle ?? I bought an IoT candle! And that's fair, too, even though I then went and bought one because hey, this is gonna be great conference talk material!

IoT

Last Watchdog’s IoT and ‘zero trust’ coverage win MVP awards from Information Management Today

The Last Watchdog

DECEMBER 5, 2019

My primer on the going forward privacy and security implications of IoT — What Everyone Should Know About the Promise and Pitfalls of the Internet of Things — won second place in the contest’s IoT Security category.

IoT

IoT Cyber Risk Internet Internet

Weekly Update 229

Troy Hunt

FEBRUARY 4, 2021

But I digress; this week's update consists of some brief discussion around data breaches and yesterday's blog post on how I like to meet, followed by a lot of audience engagement on the topic of IoT. I really enjoyed that and it went on a lot longer than planned, I hope you get something out of it too.

IoT

IoT Data breaches Software Cybersecurity

Patch now! The Mirai IoT botnet is exploiting TP-Link routers

Graham Cluley

MAY 4, 2023

Businesses should patch their TP-Link routers as soon as possible, after the revelation that a legendary IoT botnet is targeting them for recruitment. Read more in my article on the Tripwire State of Security blog.

IoT

IoT DDOS

Attacks Escalating Against Linux-Based IoT Devices

eSecurity Planet

JANUARY 20, 2022

Incidents of malware targeting Linux-based Internet of Things (IoT) devices jumped by more than a third in 2021, with three malware families the primary drivers behind the increase. There was a 10-fold increase in the number of samples of Mozi found in the wild, Mihai Maganu, a threat researcher at CrowdStrike, wrote in a blog post.

IoT

IoT DDOS Malware Internet

IoT Testbeds and Testing Tools

Security Boulevard

DECEMBER 12, 2021

Internet of Things (IoT) The Internet of Things or IoT refers to the thousands of physical gadgets in the world now linked to the internet and all data are collected and shared. The post IoT Testbeds and Testing Tools appeared first on Speranza. The post IoT Testbeds and Testing Tools appeared first on Speranza.

IoT

IoT Wireless Internet Internet

Weekly Update 294

Troy Hunt

MAY 6, 2022

It's back to business as usual with more data breaches, more poor handling of them and more IoT pain. I think on all those fronts there's a part of me that just likes the challenge and the opportunity to fix a broken thing.

IoT

IoT Data breaches Passwords

The Battle Against IoT Cyber Threats

Security Boulevard

MAY 15, 2023

The rapid increase of the Internet of Things (IoT) technology has transformed the world in many ways. From home automation to industrial control systems, IoT has become an integral part of our daily lives. In this blog post, we will […] The post The Battle Against IoT Cyber Threats appeared first on PeoplActive.

Cyber threats

Cyber threats IoT Technology Internet

Impact of IoT Security for 5G Technology

Security Boulevard

APRIL 4, 2024

5G technology impacts not just our daily lifestyle but the Internet of Things (IoT) as well. The world of 5G is not only transformed by hyper-connectivity but is also involved in the future hinges on a critical element: IoT security. Unlike […] The post Impact of IoT Security for 5G Technology appeared first on Kratikal Blogs.

IoT

IoT Technology Internet Internet

Smart Grid, Energy Management and IoT

Security Boulevard

DECEMBER 2, 2021

IoT The Internet of Things (IoT) defines the network of physical objects including sensors, software, and other technologies for the purpose of data connection, exchange, and communication over the internet with other devices and systems. 1: Description image for IoT (Source: [link] [.].

IoT

IoT Internet Internet Technology

Top 5 IoT Security Testing Companies to Rely on

Security Boulevard

DECEMBER 28, 2022

Albeit, IoT is the escape route to push these convolutions at bay, so IoT security plays a prime role. The interconnecting machines’ network that supports effortless data exchange is popularly termed IoT […]. The post Top 5 IoT Security Testing Companies to Rely on appeared first on Kratikal Blogs.

IoT

IoT Penetration Testing

Weekly Update 293

Troy Hunt

APRIL 30, 2022

Didn't get a lot done this week, unless you count scuba diving, snorkelling, spear fishing and laying around on tropical sand cays 😎 This week is predominantly about the time we just spent up on the Great Barrier Reef which has very little relevance to infosec, IoT, 3D printing and the other usual topics.

InfoSec

InfoSec IoT

The Cyber Risks of Transportation’s Connected OT/IoT Systems

Security Boulevard

FEBRUARY 9, 2021

The post The Cyber Risks of Transportation’s Connected OT/IoT Systems appeared first on Nozomi Networks. The post The Cyber Risks of Transportation’s Connected OT/IoT Systems appeared first on Security Boulevard.

Cyber Risk

Cyber Risk IoT Risk Cybersecurity

Weekly Update 220

Troy Hunt

DECEMBER 4, 2020

It's a lighter weekly update this week, kinda feels like I'm still recovering from last week's epic IoT series TBH. that's the launch blog post, how things have changed. But there's still an hour of content today including the fact that it's HIBP's birthday ?? References It's Have I Been Pwned's birthday ??

Password Management

Password Management IoT Passwords

Weekly Update 243

Troy Hunt

MAY 14, 2021

: I’m Back at a *REAL* Conference; Dealing with RSI; Shellies and MQTT; My IoT Aircon Hack; Drowning in Data Breaches. References I've been at a real conference this week, with people and all!

IoT

IoT Data breaches Hacking

Sensors Data Management, IoT Mining and Analytics

Security Boulevard

NOVEMBER 23, 2021

Definition of Internet of Things (IoT ) The Internet of Things stands for IoT. The post Sensors Data Management, IoT Mining and Analytics appeared first on Speranza. The post Sensors Data Management, IoT Mining and Analytics appeared first on Security Boulevard. Things refer to the items we use in our daily lives (e.g.,

IoT

IoT Internet Internet Software

Smart Home Data Breach Exposes 2.7 Billion Records

ZoneAlarm

FEBRUARY 23, 2025

Mars Hydro, a Chinese company that makes IoT devices like LED lights and hydroponics equipment, recently suffered a massive data breach, exposing approximately 2.7 Billion Records appeared first on ZoneAlarm Security Blog. Billion Records appeared first on ZoneAlarm Security Blog. billion records.

Data breaches

Data breaches IoT Internet Internet

OT and IoT Security: Adopt a Post-Breach Mindset Today

Security Boulevard

MAY 8, 2021

The post OT and IoT Security: Adopt a Post-Breach Mindset Today appeared first on Nozomi Networks. The post OT and IoT Security: Adopt a Post-Breach Mindset Today appeared first on Security Boulevard. Organizations need to reset themselves to have a post-breach mindset, pre-breach.

IoT

IoT Ransomware

Controlling Smart Lights Using Dumb Switches with Shelly and Home Assistant

Troy Hunt

FEBRUARY 16, 2021

This tweet from Adam Fowler that I embedded in the IoT blog series linked above perfectly explains the problem: I was looking at doing exactly this with my downlights, but the idea of the wall switch annoyed me - if it's off, I can't then voice turn on the lights. Why do my smart lights keep going offline?

IoT

Protecting the energy sector’s industrial IoT

Security Boulevard

JANUARY 24, 2022

By Steve Hanna, Co-chair of TCG’s Industrial Work Group and IoT Work Group Many sectors now utilize Internet of Things (IoT) equipment to drive digital transformation, and ultimately increase automation and efficiency. The post Protecting the energy sector’s industrial IoT appeared first on Trusted Computing Group.

IoT

IoT Energy and Utilities Digital transformation Internet

New Report: Ransomware, Vulnerabilities and IoT Security Threats

Security Boulevard

JULY 15, 2021

Nozomi Networks Labs has produced a new OT/IoT security report. Don’t miss this summary of vulnerability trends as well as important information about ransomware and IoT security camera threats. The post New Report: Ransomware, Vulnerabilities and IoT Security Threats appeared first on Nozomi Networks.

IoT

IoT Ransomware

Podcast: Can we fix IoT security?

Webroot

JUNE 25, 2021

Security experts warn that while the internet of things (IoT) isn’t inherently a bad thing, it does present concerns that must be considered. Milbourne suggests problems of IoT and home network security could be addressed with a cybersecurity version of ENERGY STAR ratings. The post Podcast: Can we fix IoT security?

IoT

IoT Data collection Internet Internet

A DNS flaw impacts a library used by millions of IoT devices

Security Affairs

MAY 3, 2022

A vulnerability in the domain name system (DNS) component of the uClibc library impacts millions of IoT products. Nozomi Networks warns of a vulnerability, tracked as CVE-2022-05-02, in the domain name system (DNS) component of the uClibc library which is used by a large number of IoT products. To nominate, please visit:?

DNS

DNS IoT Hacking Cybersecurity

5G and IoT for Intelligent Connectivity

Security Boulevard

OCTOBER 5, 2022

The post 5G and IoT for Intelligent Connectivity appeared first on Kratikal Blogs. The post 5G and IoT for Intelligent Connectivity appeared first on Security Boulevard. The internet of things is growing at an astounding rate as the world is expanding and society continues to change and influence our daily lives.

IoT

IoT Internet Internet Mobile

PTZOptics cameras zero-days actively exploited in the wild

Security Affairs

NOVEMBER 2, 2024

The company discovered the zero-day vulnerabilities in IoT live-streaming cameras, used in industrial operations, healthcare, and other sensitive environments. “Read the GreyNoise Labs blog for technical analysis and deeper insight into how Sift helped discover these zero-day vulnerabilities.”

Firmware

Firmware Manufacturing IoT Healthcare

Expert Insights on IoT Security Challenges in 2024

Security Boulevard

APRIL 5, 2024

Advancements in Internet of Things (IoT) technologies are paving the way for a smarter, more interconnected future. According to Global Data, the global IoT market could be worth $1.1 According to Global Data, the global IoT market could be worth $1.1

IoT

IoT Marketing Internet Internet

Weekly Update 234

Troy Hunt

MARCH 12, 2021

Cyber stuff, audio stuff, IoT stuff - it's all there! Home Assistant started telling people not to use Pwned Password, and people got pissed (this is nuts, and it deserved a dedicated blog post) Sponsored by safepass.me: Get a FREE password audit on your Active Directory users with pwncheck from safepass.me.

Passwords

Passwords IoT Hacking

Attackers Exploit Flaw that Could Impact Millions of Routers, IoT Devices

eSecurity Planet

AUGUST 10, 2021

In a recent blog post , the researchers said the bad actors are looking to leverage a path traversal vulnerability that could affect millions of home routers and other Internet of Things (IoT) devices that use the same code base and are manufactured by at least 17 vendors. The responsibility here must lie with the end users.”

IoT

IoT DDOS Internet Internet

IoT Protocols and Standards (IPv6, 6LoWPAN, RPL, 6TiSCH, WoT, oneM2M, etc.)

Security Boulevard

NOVEMBER 29, 2021

The post IoT Protocols and Standards (IPv6, 6LoWPAN, RPL, 6TiSCH, WoT, oneM2M, etc.) The post IoT Protocols and Standards (IPv6, 6LoWPAN, RPL, 6TiSCH, WoT, oneM2M, etc.) The main purposes of an Internet Protocol are routing traffic across the Internet, packet-switched internetworking, and allowing end-to-end datagram [.].

IoT

IoT Internet Internet

Both Mirai and Hoaxcalls IoT botnets target Symantec Web Gateways

Security Affairs

MAY 19, 2020

“they serve the purpose of propagation using credential brute force and exploitation of the Symantec Secure Web Gateway RCE vulnerability This blog post provides any noteworthy technical details on these two campaigns.” ” continues the report. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

IoT

IoT DDOS Authentication Firmware

Extending Cybersecurity Awareness to IoT Devices

Security Boulevard

OCTOBER 31, 2023

If you’re like most organizations the answer is IoT devices and applications; it’s the fastest growing attack surface for most organizations and on track to set a new […] The post Extending Cybersecurity Awareness to IoT Devices appeared first on Viakoo, Inc.

IoT

IoT Cybersecurity

Hacked Robot Vacuums Hurl Racial Slurs, Show IoT Devices Risks

SecureWorld News

OCTOBER 16, 2024

The breaches underscore the growing threat of vulnerabilities in IoT (Internet of Things) devices. A January 2024 blog on ToolingIdeas.com provides a comprehensive rundown of the risks of IoT devices, particularly robot vacuums. The video is unnerving.

IoT

IoT Hacking Risk Internet

The Surveillance Invasion: IoT and Smart Devices Stealing Corporate Secrets

Security Boulevard

MAY 2, 2024

We have come to […] The post The Surveillance Invasion: IoT and Smart Devices Stealing Corporate Secrets appeared first on CISO Global. The post The Surveillance Invasion: IoT and Smart Devices Stealing Corporate Secrets appeared first on Security Boulevard.

Surveillance

Surveillance IoT CISO Data collection

The European Union Prepares New Cybersecurity Regulations for IoT Devices

Heimadal Security

SEPTEMBER 19, 2022

The post The European Union Prepares New Cybersecurity Regulations for IoT Devices appeared first on Heimdal Security Blog. Device manufacturers with poor cybersecurity policies and features risk paying fines if the new regulation is enacted. What Is The Act Affecting? By introducing […].

IoT

IoT Cybersecurity Manufacturing Software

Mitigate Industrial IoT Security Challenges with PKI Solutions

GlobalSign

MARCH 14, 2023

Industrial IoT has become very attractive targets to cyber criminals, but how can you mitigate IIoT security challenges with PKI solutions? Discover how in this blog.

IoT

Weekly Update 197

Troy Hunt

JUNE 26, 2020

Amidst all that, I've well and truly gone down the IoT rabbit hole with all sorts of bits now connected through Home Assistant (just understanding the basics of this is actually one of those draft blog posts I mentioned). All that, the usual data breach stuff and more in this week's update.

Data breaches

Data breaches IoT Passwords

Weekly Update 219: IoT Unravelled with Scott Helme

IoT Unravelled Part 3: Security

Trending Sources

IoT Unravelled Part 4: Making it All Work for Humans

MY TAKE: Why companies and consumers must collaborate to stop the plundering of IoT systems

MY TAKE: Why DDoS weapons will proliferate with the expansion of IoT and the coming of 5G

IoT Inspector Tool from Princeton

KrebsOnSecurity Hit With Near-Record 6.3 Tbps DDoS

Inside Water Barghest’s Rapid Exploit-to-Market Strategy for IoT Devices

Weekly Update 179

Last Watchdog’s IoT and ‘zero trust’ coverage win MVP awards from Information Management Today

Weekly Update 229

Patch now! The Mirai IoT botnet is exploiting TP-Link routers

Attacks Escalating Against Linux-Based IoT Devices

IoT Testbeds and Testing Tools

Weekly Update 294

The Battle Against IoT Cyber Threats

Impact of IoT Security for 5G Technology

Smart Grid, Energy Management and IoT

Top 5 IoT Security Testing Companies to Rely on

Weekly Update 293

The Cyber Risks of Transportation’s Connected OT/IoT Systems

Weekly Update 220

Weekly Update 243

Sensors Data Management, IoT Mining and Analytics

Smart Home Data Breach Exposes 2.7 Billion Records

OT and IoT Security: Adopt a Post-Breach Mindset Today

Controlling Smart Lights Using Dumb Switches with Shelly and Home Assistant

Protecting the energy sector’s industrial IoT

New Report: Ransomware, Vulnerabilities and IoT Security Threats

Podcast: Can we fix IoT security?

A DNS flaw impacts a library used by millions of IoT devices

5G and IoT for Intelligent Connectivity

PTZOptics cameras zero-days actively exploited in the wild

Expert Insights on IoT Security Challenges in 2024

Weekly Update 234

Attackers Exploit Flaw that Could Impact Millions of Routers, IoT Devices

IoT Protocols and Standards (IPv6, 6LoWPAN, RPL, 6TiSCH, WoT, oneM2M, etc.)

Both Mirai and Hoaxcalls IoT botnets target Symantec Web Gateways

Extending Cybersecurity Awareness to IoT Devices

Hacked Robot Vacuums Hurl Racial Slurs, Show IoT Devices Risks

The Surveillance Invasion: IoT and Smart Devices Stealing Corporate Secrets

The European Union Prepares New Cybersecurity Regulations for IoT Devices

Mitigate Industrial IoT Security Challenges with PKI Solutions

Weekly Update 197

Stay Connected