IoT - Cyber Security Informer

IoT Devices in Password-Spraying Botnet

Schneier on Security

NOVEMBER 6, 2024

Microsoft is warning Azure cloud users that a Chinese controlled botnet is engaging in “highly evasive” password spraying. ” Some of the characteristics that make detection difficult are: The use of compromised SOHO IP addresses The use of a rotating set of IP addresses at any given time.

Passwords

Passwords IoT Accountability Internet

BadBox 2.0 botnet infects millions of IoT devices worldwide, FBI warns

Security Affairs

JUNE 9, 2025

malware has infected millions of IoT devices globally, creating a botnet used for cyber criminal activities, the FBI warns. botnet to exploit IoT devices on home networks, like streaming devices, projectors, and infotainment systems, mostly made in China. 3 ” reads the alert published by the FBI. ” BADBOX 2.0

IoT

IoT Internet Internet Advertising

IoT Unravelled Part 3: Security

Troy Hunt

NOVEMBER 25, 2020

In part 1 of this series, I posited that the IoT landscape is an absolute mess but Home Assistant (HA) does an admirable job of tying it all together. As with the rest of the IoT landscape, there's a lot of scope for improvement here and also just like the other IoT posts, it gets very complex for normal people very quickly.

IoT

IoT Firmware Risk Manufacturing

Weekly Update 219: IoT Unravelled with Scott Helme

Troy Hunt

NOVEMBER 28, 2020

More than 200,000 unique visitors dropped by this week, mostly to read about IoT things. I topped the week off by spending a couple of hours talking to Scott Helme about our respective IoT experiences so that's the entirety of this week's update - Scott and I talking IoT.

IoT

IoT Password Management Firmware Passwords

Monetization Monitor: Monetization Models and Pricing 2020

Advertiser: Revenera

Customers demand—and suppliers offer—a diverse mix of monetization models for Software and Digital Services related to IoT Devices. Approximately a third (34%) of respondents in this year’s annual software and IoT monetization survey still rely on homegrown solutions. Fast innovation (SaaS, IoT, etc.)

IoT

New Report on IoT Security

Schneier on Security

SEPTEMBER 28, 2022

The Atlantic Council has published a report on securing the Internet of Things: “Security in the Billions: Toward a Multinational Strategy to Better Secure the IoT Ecosystem.”

IoT

IoT Telecommunications Manufacturing Internet

KrebsOnSecurity Hit By Huge New IoT Botnet “Meris”

Krebs on Security

SEPTEMBER 10, 2021

The assault came from “ Meris ,” the same new “Internet of Things” (IoT) botnet behind record-shattering attacks against Russian search giant Yandex this week and internet infrastructure firm Cloudflare earlier this summer. Cloudflare recently wrote about its attack , which clocked in at 17.2 In its Aug.

IoT

IoT DDOS Internet Internet

GreyNoise: AI’s Central Role in Detecting Security Flaws in IoT Devices

Security Boulevard

NOVEMBER 1, 2024

GreyNoise Intelligence researchers said proprietary internal AI-based tools allowed them to detect and identify two vulnerabilities in IoT live-stream cameras that traditional cybersecurity technologies would not have been able to discover.

IoT

IoT Technology Cybersecurity Threat Detection

BREAKING: 7,000-Device Proxy Botnet Using IoT, EoL Systems Dismantled in U.S. - Dutch Operation

The Hacker News

MAY 9, 2025

authorities has dismantled a criminal proxy network that's powered by thousands of infected Internet of Things (IoT) and end-of-life (EoL) devices, enlisting them into a botnet for providing anonymity to malicious actors. A joint law enforcement operation undertaken by Dutch and U.S.

IoT

IoT Internet Internet

Understanding the U.S. Cyber Trust Mark: A New Era for IoT Security

SecureWorld News

JANUARY 8, 2025

From baby monitors to home security systems, these IoT products have become integral to daily life, yet they also present significant cybersecurity risks. Industry leaders back the initiative Key stakeholders have expressed their enthusiasm for the Cyber Trust Mark's potential to improve IoT security and consumer trust.

IoT

IoT Manufacturing Government Cybersecurity

PumaBot: New Stealthy Linux Botnet Evades Detection, Targets IoT Devices

Penetration Testing

MAY 31, 2025

Cybersecurity researchers at Darktrace have exposed a stealthy and persistent Linux-based botnet dubbed PumaBot, which leverages Go binaries, The post PumaBot: New Stealthy Linux Botnet Evades Detection, Targets IoT Devices appeared first on Daily CyberSecurity.

IoT

IoT Cybersecurity Cyber Attacks Malware

IoT Unravelled Part 4: Making it All Work for Humans

Troy Hunt

NOVEMBER 25, 2020

The first few parts of this series have all been somewhat technical in nature; part 1 was how much of a mess the IoT ecosystem is and how Home Assistant aims to unify it all, part 2 got into the networking layer with both Wi-Fi and Zigbee and in part 3 , I delved into security. Now let's tackle something really tricky - humans.

IoT

IoT Firmware Marketing Media

Why Technology Interoperability is the Key to a Safer Internet of Things (IoT)

Security Boulevard

DECEMBER 4, 2024

With IoT connectivity expanding, organizations across the industry must grapple with the complexities of securing this vast network of internet-connected “things.” The post Why Technology Interoperability is the Key to a Safer Internet of Things (IoT) appeared first on Security Boulevard.

IoT

IoT Internet Internet Technology

New PumaBot Botnet Targets Linux IoT Devices to Steal SSH Credentials and Mine Crypto

The Hacker News

MAY 28, 2025

Embedded Linux-based Internet of Things (IoT) devices have become the target of a new botnet dubbed PumaBot. Written in Go, the botnet is designed to conduct brute-force attacks against SSH instances to expand in size and scale and deliver additional malware to the infected hosts.

IoT

IoT Internet Internet Malware

35 Million Devices Vulnerable: Matrix DDoS Campaign Highlights Growing IoT Threat

Penetration Testing

NOVEMBER 27, 2024

This operation, detected through honeypot activities, showcases a concerning... The post 35 Million Devices Vulnerable: Matrix DDoS Campaign Highlights Growing IoT Threat appeared first on Cybersecurity News.

DDOS

DDOS IoT Cybersecurity Malware

Hackers Exploit Samsung MagicINFO, GeoVision IoT Flaws to Deploy Mirai Botnet

The Hacker News

MAY 6, 2025

Threat actors have been observed actively exploiting security flaws in GeoVision end-of-life (EoL) Internet of Things (IoT) devices to corral them into a Mirai botnet for conducting distributed denial-of-service (DDoS) attacks.

IoT

IoT DDOS Security Intelligence Internet

Hacked IoT Devices Livestreaming Swatting Attacks: FBI

Adam Levin

DECEMBER 30, 2020

The post Hacked IoT Devices Livestreaming Swatting Attacks: FBI appeared first on Adam Levin.

IoT

IoT Hacking Internet Internet

Five Years Later: Evolving IoT Cybersecurity Guidelines

NSTIC

MAY 13, 2025

The Backgroundand NISTs Plan for Improving IoT Cybersecurity The passage of the Internet of Things (IoT) Cybersecurity Improvement Act in 2020 marked a pivotal step in enhancing the cybersecurity of IoT products.

IoT

IoT Cybersecurity Manufacturing Internet

IoT Assignment Completed! Report on Barriers to U.S. IoT Adoption

NSTIC

OCTOBER 22, 2024

The 16 members of the NIST-managed Internet of Things (IoT) Advisory Board have completed their report on barriers to the U.S. receiving the benefits of IoT adoption, along with their recommendations for overcoming those barriers. These innovations intertwine connectivity and digital innovation with the opportunity to drive a

IoT

IoT Internet Internet

From Sensors to Servers: End-to-End Security for IoT in Critical Utility Networks

SecureWorld News

NOVEMBER 7, 2024

A connected world means a vulnerable world Utilities now rely on large networks of IoT devices, from sensors buried underground to servers that crunch data in remote locations. But the moment we bring IoT into the mix, we create thousands of potential entry points for attackers.

IoT

IoT Firmware Encryption Authentication

⚡ Weekly Recap: Zero-Day Exploits, Developer Malware, IoT Botnets, and AI-Powered Scams

The Hacker News

MAY 12, 2025

Instead of chasing high-value targets directly, threat actors are now quietly taking over the overlooked: outdated software, unpatched IoT devices, and open-source packages. Theyve all become launchpads for attacksbecause cybercriminals are rethinking what counts as infrastructure. It's not just cleverits

IoT

IoT Scams Malware Software

MY TAKE: How decentralizing IoT could help save the planet — by driving decarbonization

The Last Watchdog

DECEMBER 17, 2023

The Internet of Things ( IoT ) is on the threshold of ascending to become the Internet of Everything ( IoE.) Infineon supplies semiconductors embedded in smart systems, most notably in automotive, power and IoT. We can execute a lot of machine learning, at the edge, in IoT devices.

IoT

IoT Internet Internet Technology

Top 6 security risks associated with industrial IoT

Tech Republic Security

NOVEMBER 23, 2022

Industrial IoT is gaining adoption, but this comes with some security risks. The post Top 6 security risks associated with industrial IoT appeared first on TechRepublic. Check out the dangers and how you can avoid them.

IoT

IoT Risk Internet Internet

New PumaBot targets Linux IoT surveillance devices

Security Affairs

MAY 28, 2025

PumaBot targets Linux IoT devices, using SSH brute-force attacks to steal credentials, spread malware, and mine crypto. Darktrace researchers discovered a new botnet called PumaBot targets Linux-based IoT devices, using SSH brute-force attacks to steal credentials, spread malware, and mine cryptocurrency. ” states the report.

Surveillance

Surveillance IoT Malware Manufacturing

6 ways to reduce your IoT attack surface

Tech Republic Security

NOVEMBER 7, 2022

As attackers target the ever-growing IoT attack surface, companies can reduce their risks with these six security best practices. The post 6 ways to reduce your IoT attack surface appeared first on TechRepublic.

IoT

IoT Risk Internet Internet

New Eleven11bot botnet infected +86K IoT devices

Security Affairs

MARCH 5, 2025

The Eleven11bot botnet has infected over 86,000 IoT devices, mainly security cameras and network video recorders (NVRs). Researchers from Nokia Deepfield Emergency Response Team (ERT) discovered a new botnet named Eleven11bot that has already infected over 86,000 IoT devices. ” states GreyNoise. discovered on 2025-03-02.

IoT

IoT DDOS Passwords Hacking

News alert: IDT Corp., AccuKnox partner to deploy runtime security-powered CNAPP at the edge of IoT

The Last Watchdog

MARCH 25, 2025

FinTech and Communications Leader, IDT Corporation partners with AccuKnox to deploy runtime security-powered CNAPP (Cloud Native Application Protection Platform) for IoT/Edge Security. The findings underscore the necessity of implementing robust security measures as IoT technologies continue to be integrated across multiple industries.

IoT

IoT Retail Technology Marketing

Eleven11bot Captures 86,000 IoT Devices for DDoS Attacks

Security Boulevard

MARCH 5, 2025

The massive Eleven11bot has compromised more than 86,000 IoT devices, including security cameras and network video recorders, to launch hundreds of DDoS attacks, and security researchers say the threat actors behind the botnet are trying to grow it even more.

DDOS

DDOS IoT Cybersecurity Network Security

4 IoT Trends U.K. Businesses Should Watch in 2024

Tech Republic Security

MAY 2, 2024

TechRepublic identified the top four trends emerging in IoT that businesses in the U.K. should be aware of.

IoT

IoT Artificial Intelligence Internet Internet

Zscaler Report: Mobile, IoT, and OT Cyber Threats Surge in 2024

Tech Republic Security

OCTOBER 16, 2024

Zscaler ThreatLabz report reveals a 2024 surge in mobile, IoT, and OT cyberattacks, highlighting key trends and the need for zero trust security.

IoT

IoT Mobile Cyber threats Internet

XorBot Botnet Resurfaces with Advanced Evasion and Exploits, Threatens IoT Devices

Penetration Testing

NOVEMBER 27, 2024

NSFOCUS has identified a resurgence of the XorBot botnet, a potent threat to Internet of Things (IoT) devices worldwide.

IoT

IoT Internet Internet Cybersecurity

SHARED INTEL Q&A: When every IoT Device and AI assistant has an identity — who’s in control?

The Last Watchdog

JUNE 2, 2025

The post SHARED INTEL Q&A: When every IoT Device and AI assistant has an identity whos in control? Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be. (LW LW provides consulting services to the vendors we cover.) first appeared on The Last Watchdog.

IoT

IoT CISO Government Accountability

Study: Consumer security savvy is way behind IoT threat landscape

Tech Republic Security

DECEMBER 20, 2022

The post Study: Consumer security savvy is way behind IoT threat landscape appeared first on TechRepublic. A new Comcast study hints at a major risk to businesses, governments and public systems due to poor cybersecurity in the booming Internet of Things industry.

IoT

IoT Internet Internet Government

Akira ransomware gang used an unsecured webcam to bypass EDR

Security Affairs

MARCH 8, 2025

They found unsecured IoT devices, including webcams and a fingerprint scanner, using them to bypass security defenses and successfully deploy the ransomware. The IoT device was running a lightweight Linux OS, that was the perfect target for Akiras Linux ransomware variant. ” reads the report published by the S-RM team.

Ransomware

Ransomware IoT Encryption Passwords

On IoT Devices and Software Liability

Schneier on Security

JANUARY 12, 2024

New law journal article : Smart Device Manufacturer Liability and Redress for Third-Party Cyberattack Victims Abstract: Smart devices are used to facilitate cyberattacks against both their users and third parties.

IoT

IoT Software Manufacturing Internet

KrebsOnSecurity Hit With Near-Record 6.3 Tbps DDoS

Krebs on Security

MAY 20, 2025

The brief attack appears to have been a test run for a massive new Internet of Things (IoT) botnet capable of launching crippling digital assaults that few web destinations can withstand. Read on for more about the botnet, the attack, and the apparent creator of this global menace. For reference, the 6.3 Image: Cloudflare.

DDOS

DDOS IoT Internet Internet

STEPS FORWARD: Regulators are on the move to set much needed IoT security rules of the road

The Last Watchdog

SEPTEMBER 5, 2023

New government rules coupled with industry standards meant to give formal shape to the Internet of Things (IoT) are rapidly quickening around the globe. When it comes to IoT, we must arrive at specific rules of the road if we are to tap into the full potential of smart cities, autonomous transportation and advanced healthcare.

IoT

IoT Government Internet Internet

Contiki-NG IoT OS Patches Critical Vulnerabilities

Penetration Testing

NOVEMBER 28, 2024

Researchers have identified and addressed three critical vulnerabilities in Contiki-NG, a popular open-source operating system for Internet of Things (IoT) devices. These vulnerabilities could allow attackers to crash devices or... The post Contiki-NG IoT OS Patches Critical Vulnerabilities appeared first on Cybersecurity News.

IoT

IoT Internet Internet Cybersecurity

Shadowy IoT Army: Decades-Old Proxy Botnet Exposed and Crippled

Penetration Testing

MAY 12, 2025

Department of Justice and the Dutch National Police, The post Shadowy IoT Army: Decades-Old Proxy Botnet Exposed and Crippled appeared first on Daily CyberSecurity. Lumen Technologies Black Lotus Labs, in collaboration with the U.S.

IoT

IoT Technology Cybersecurity Cybercrime

Critical RCE Flaw (CVSS 9.8) in QNX SDP Exposes Automotive & IoT Systems to Attack!

Penetration Testing

JUNE 11, 2025

A critical RCE flaw in QNX SDP's PCX image codec exposes systems to DoS or code execution. Patch immediately if using affected versions.

IoT

IoT Cybersecurity

IoT Security & Threat Modeling

Adam Shostack

JANUARY 2, 2025

Expanding on the UK Government's The Uk Code of Practice for Consumer IoT Security and how it aligns with Threat Modeling. There's a new report out from the UK Government, The UK Code of Practice for Consumer IoT Security.

IoT

IoT Government Technology

'Best Practices for IoT Security'

Adam Shostack

JANUARY 2, 2025

There's an interesting new draft, Best Practices for IoT Security: What Does That Even Mean? There's an interesting new draft, Best Practices for IoT Security:What Does That Even Mean? by Christopher Bellman and Paul C. van Oorschot. It's by Christopher Bellman and Paul C. van Oorschot.

IoT

IoT Manufacturing Internet Internet

MY TAKE: Securing the Internet of Everything: why self-healing devices are the next frontier

The Last Watchdog

FEBRUARY 10, 2025

Related: IoT growing at a 24% clip To get there to fully tap the potential of a hyper-interconnected ecosystem where devices, data, AI and humans converge to benefit humankind cybersecurity must first catch up. The expansion of IoT into IoE has vastly expanded the range of potential targets for cyberattacks.

Internet

Internet Internet IoT Manufacturing

Threat Modeling & IoT

Adam Shostack

JANUARY 2, 2025

You can start threat modeling IoT with the four question framework: What are you building? But there are specifics to IoT, and those specifics influence how you think about each of those questions. In the IoT world, the question of did we do a good job becomes have we done a good enough job? What can go wrong? Don Bailey)

IoT

IoT Engineering Internet Internet

IoT Devices in Password-Spraying Botnet

BadBox 2.0 botnet infects millions of IoT devices worldwide, FBI warns

Trending Sources

IoT Unravelled Part 3: Security

Weekly Update 219: IoT Unravelled with Scott Helme

Monetization Monitor: Monetization Models and Pricing 2020

New Report on IoT Security

KrebsOnSecurity Hit By Huge New IoT Botnet “Meris”

GreyNoise: AI’s Central Role in Detecting Security Flaws in IoT Devices

BREAKING: 7,000-Device Proxy Botnet Using IoT, EoL Systems Dismantled in U.S. - Dutch Operation

Understanding the U.S. Cyber Trust Mark: A New Era for IoT Security

PumaBot: New Stealthy Linux Botnet Evades Detection, Targets IoT Devices

IoT Unravelled Part 4: Making it All Work for Humans

Why Technology Interoperability is the Key to a Safer Internet of Things (IoT)

New PumaBot Botnet Targets Linux IoT Devices to Steal SSH Credentials and Mine Crypto

35 Million Devices Vulnerable: Matrix DDoS Campaign Highlights Growing IoT Threat

Hackers Exploit Samsung MagicINFO, GeoVision IoT Flaws to Deploy Mirai Botnet

Hacked IoT Devices Livestreaming Swatting Attacks: FBI

Five Years Later: Evolving IoT Cybersecurity Guidelines

IoT Assignment Completed! Report on Barriers to U.S. IoT Adoption

From Sensors to Servers: End-to-End Security for IoT in Critical Utility Networks

⚡ Weekly Recap: Zero-Day Exploits, Developer Malware, IoT Botnets, and AI-Powered Scams

MY TAKE: How decentralizing IoT could help save the planet — by driving decarbonization

Top 6 security risks associated with industrial IoT

New PumaBot targets Linux IoT surveillance devices

6 ways to reduce your IoT attack surface

New Eleven11bot botnet infected +86K IoT devices

News alert: IDT Corp., AccuKnox partner to deploy runtime security-powered CNAPP at the edge of IoT

Eleven11bot Captures 86,000 IoT Devices for DDoS Attacks

4 IoT Trends U.K. Businesses Should Watch in 2024

Zscaler Report: Mobile, IoT, and OT Cyber Threats Surge in 2024

XorBot Botnet Resurfaces with Advanced Evasion and Exploits, Threatens IoT Devices

SHARED INTEL Q&A: When every IoT Device and AI assistant has an identity — who’s in control?

Study: Consumer security savvy is way behind IoT threat landscape

Akira ransomware gang used an unsecured webcam to bypass EDR

On IoT Devices and Software Liability

KrebsOnSecurity Hit With Near-Record 6.3 Tbps DDoS

STEPS FORWARD: Regulators are on the move to set much needed IoT security rules of the road

Contiki-NG IoT OS Patches Critical Vulnerabilities

Shadowy IoT Army: Decades-Old Proxy Botnet Exposed and Crippled

Critical RCE Flaw (CVSS 9.8) in QNX SDP Exposes Automotive & IoT Systems to Attack!

IoT Security & Threat Modeling

'Best Practices for IoT Security'

MY TAKE: Securing the Internet of Everything: why self-healing devices are the next frontier

Threat Modeling & IoT

Stay Connected