IoT, Mobile and Risk - Cyber Security Informer

IT threat evolution in Q3 2024. Non-mobile statistics

SecureList

NOVEMBER 29, 2024

Non-mobile statistics IT threat evolution in Q3 2024. Mobile statistics The statistics presented here are based on detection verdicts by Kaspersky products and services received from users who consented to providing statistical data. IT threat evolution in Q3 2024 IT threat evolution in Q3 2024.

Mobile

Mobile Adware Ransomware Malware

Undocumented hidden feature found in Espressif ESP32 microchip

Security Affairs

MARCH 9, 2025

The experts warn that a hidden feature poses a security risk for millions of IoT devices. “Tarlogic Securityhas detected a hidden functionality that can be used as a backdoor in the ESP32, a microcontroller that enables WiFi and Bluetooth connection and is present inmillions of mass-market IoT devices.”

IoT

IoT Manufacturing Firmware Marketing

Threat Modeling in Solar Power Infrastructure

SecureWorld News

JUNE 18, 2025

When renewable energy becomes a security risk Some people are concerned about whether solar panels will operate after periods of cloudy weather, others are more concerned about whether they can be remotely accessed. We know IoT can be insecure. In fact, years ago I gave a talk on the IoT insecurities, and it's still true today.

Firmware

Firmware IoT Manufacturing Mobile

SK Telecom revealed that malware breach began in 2022

Security Affairs

MAY 20, 2025

South Korean mobile network operator SK Telecom revealed that the security breach disclosed in April began in 2022. SK Telecom is South Koreas largest wireless telecom company, a major player in the countrys mobile and tech landscape. The telecom giant detected an infection of its systems at 11 PM on Saturday, April 19, 2025.

Malware

Malware Mobile Data breaches Wireless

Cybersecurity Snapshot: Tenable Highlights Risks of AI Use in the Cloud, as UK’s NCSC Offers Tips for Post-Quantum Cryptography Adoption

Security Boulevard

MARCH 21, 2025

Check out key findings and insights from the Tenable Cloud AI Risk Report 2025. And get the latest on open source software security; cyber scams; and IoT security. 1 - Tenable: Orgs using AI in the cloud face thorny cyber risks Using AI tools in cloud environments?

Risk

Risk IoT Cybersecurity Manufacturing

Healthcare Cybersecurity Market Soars: Key Trends and Insights

SecureWorld News

MAY 2, 2025

Breaches can disrupt care delivery and put lives at risk, not to mention lead to hefty compliance fines. Healthcare executives are responding by viewing cybersecurity not just as an IT issue, but as a core business risk. Additionally, many patient-facing mobile apps have vulnerabilities (78% of such apps fail OWASP security tests).

Healthcare

Healthcare Marketing Cybersecurity CISO

How to Use Risk-Based Metrics in an Exposure Management Program

Security Boulevard

JUNE 9, 2025

In this post, Tenable security engineers Arnie Cabral and Jason Schavel share how you can use risk-based metrics. It's about understanding business risk and prioritizing actions that reduce the potential for attack. They offer an overview of quantifiable risk across different business units and asset groups.

Risk

Risk Mobile Engineering IoT

Experts uncover critical flaws in Kigen eSIM technology affecting billions

Security Affairs

JULY 14, 2025

Experts devised a new hack targeting Kigen eSIM tech, used in over 2B devices, exposing smartphones and IoT users to serious security risks. Researchers at Security Explorations uncovered a new hacking method exploiting flaws in Kigen’s eSIM tech, affecting billions of IoT devices.

Technology

Technology IoT Hacking Mobile

Smart Home Data Breach Exposes 2.7 Billion Records

ZoneAlarm

FEBRUARY 23, 2025

Mars Hydro, a Chinese company that makes IoT devices like LED lights and hydroponics equipment, recently suffered a massive data breach, exposing approximately 2.7 This breach has raised serious concerns about the security of internet-connected devices and the potential risks for consumers. billion records.

Data breaches

Data breaches IoT Internet Internet

FDA Playbook Engineers Safety Into Medical Device Manufacturing

SecureWorld News

JUNE 25, 2025

As connected healthcare devices become more pervasive and critical to patient outcomes, the cyber risks tied to their design, production, and deployment grow exponentially. According to the report, "Cybersecurity risk management should begin during product concept and continue throughout the total product lifecycle (TPLC)."

Manufacturing

Manufacturing Engineering Healthcare Risk

Why Merging DSPM with PKI Is Key to Modern Risk Management

GlobalSign

JULY 25, 2025

Atlas - Digital Identity Platform Certificate Lifecycle Management Atlas Discovery Managed PKI ACME Certificate Automation Manager PKI for IoT Edge Enroll - IoT Identity Platform IoT Partner Program PKI for DevSecOps Post Quantum Computing Document Signing Secure your documents and improve workflows with digital signatures and seals.

Risk

Risk IoT Encryption Authentication

BadBox rapidly grows, 190,000 Android devices infected

Security Affairs

DECEMBER 21, 2024

BadBox can also download additional payloads, amplifying the risks for the users. The experts reported that at least 74,000 Android-based mobile phones, tablets, and Connected TV boxes worldwide were shipped with the backdoored firmware.

Firmware

Firmware Malware Internet Internet

How Solid Protocol Restores Digital Agency

Schneier on Security

JULY 24, 2025

Your personal information is scattered across hundreds of locations: social media companies, IoT companies, government agencies, websites you have accounts on, and data brokers you’ve never heard of. This approach dramatically reduces unauthorized data use, risk of breaches (privacy and integrity), and administrative costs.

Architecture

Architecture Healthcare Insurance Surveillance

Cybersecurity Leaders Share Three Challenges Exposure Management Helps Them Solve

Security Boulevard

MARCH 31, 2025

The core cybersecurity discipline is evolving into exposure management , which is built on a broader, more strategic approach to identifying, prioritizing and mitigating risk. They want to understand and reduce real-world cyber risk across their expanding attack surfaces. We have to shift to a risk approach."

Cybersecurity

Cybersecurity Risk Cyber Risk Mobile

Connected contraptions cause conniption for 2024

Malwarebytes

DECEMBER 31, 2024

Its Bluey and dig kits and LEGOs for kids, Fortnite and AirPods and backpacks for tweens, and, for an adult you particularly love, its televisions, air fryers, e-readers, vacuums, dog-feeders, and more, which all seemingly require a mobile app to function. For years, the cybersecurity of these particularly mobile mobiles (sorry) was passable.

Internet

Internet Internet DDOS Mobile

The Role and Benefits of AI in Cybersecurity

SecureWorld News

APRIL 13, 2025

It helps identify anomalies and potential third-party risks in real-time. As businesses increasingly seek to integrate robust cybersecurity measures during their app development processes, mobile development consulting can play a vital role in ensuring that security is prioritized from the outset.

Cybersecurity

Cybersecurity Artificial Intelligence Threat Detection Cyber threats

Why It’s Time to Replace Your Legacy SIEM and What to Consider as a Replacement?

IT Security Guru

DECEMBER 16, 2024

Struggling with High Data Volume and Complexity Today’s networks produce vast data from cloud services, IoT devices, and mobile endpoints. This gap creates security risks, but a modern SIEM offers the solution. This alert fatigue can cause them to miss critical incidents. Older SIEMs can’t manage this complexity.

Threat Detection

Threat Detection Cyber threats Artificial Intelligence Technology

What Is Exposure Management and Why Does It Matter?

Security Boulevard

MARCH 17, 2025

In practice, even with reasonable service level agreements (SLAs), IT usually has to mitigate those risks. Just as alarming, the Tenable Cloud Risk Report 2024 shows that 74% of organizations have publicly exposed storage assets, including those containing sensitive data. As a result, security has become disjointed.

Risk

Risk Technology IoT Mobile

Security Affairs newsletter Round 515 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

MARCH 16, 2025

Attacks on Middle Eastern countries Ballista New IoT Botnet Targeting Thousands of TP-Link Archer Routers Captain MassJacker Sparrow: Uncovering the Malwares Buried Treasure Enhancing Malware Fingerprinting through Analysis of Evasive Techniques Hacking Tarlogic detects a hidden feature in the mass-market ESP32 chip that could infect millions of IoT (..)

Spyware

Spyware Cybercrime IoT Firewall

Don’t Be a Statistic: Proactive API Security in the Age of AI

Security Boulevard

JUNE 4, 2025

Your business depends on APIs, which are essential for contemporary digital experiences, encompassing everything from mobile applications and IoT devices to the rapidly evolving AI landscape. Posture Governance and Compliance: Assess API risk, enforce security policies, and detect misconfigurations in real-time.

Data breaches

Data breaches Government Telecommunications Wireless

FCC Takes on China Threats with New National Security Council

Security Boulevard

MARCH 14, 2025

leadership is key areas like AI, the IoT, quantum computing, and 5G and 6G networks. The FCC is launching a new agency council to push back on Chinese-backed cyberthreats like Salt Typhoon by pushing telecoms to harden their defense, reduce their reliance on trade with foreign adversaries, and ensure continued U.S.

IoT

IoT Mobile Risk Government

Who is Hero?

Security Boulevard

JUNE 26, 2025

Podcast Techstrong.tv - Twitch Devops Chat DevOps Dozen DevOps TV Media Kit About Sponsor Analytics AppSec CISO Cloud DevOps GRC Identity Incident Response IoT / ICS Threats / Breaches More Blockchain / Digital Currencies Careers Cyberlaw Mobile Social Engineering Humor --> Security Bloggers Network Home » Security Bloggers Network » Who is Hero?

Social Engineering

Social Engineering Data privacy Security Awareness Engineering

US Cyber Trust Mark logo for smart devices is coming

Malwarebytes

JANUARY 8, 2025

The cybersecurity labeling program for wireless consumer Internet of Things (IoT) products is voluntary but the participants include several major manufacturers, retailers, and trade associations for popular electronics, appliances, and consumer products. The benefits are obvious for shoppers.

Computers and Electronics

Computers and Electronics Wireless IoT Manufacturing

Getting the Most Value Out of the OSCP: After the Exam

Security Boulevard

JUNE 2, 2025

Other Domains Other common domains are mobile devices and applications, industrial control systems (ICS) , Internet of Things (IoT) devices , large language model (LLM) web applications, social engineering , and physical access control systems(PACS).

Penetration Testing

Penetration Testing Engineering Wireless Cybersecurity

AI Slop is Hurting Security — LLMs are Dumb and People are Dim

Security Boulevard

DECEMBER 12, 2024

Artificial stupidity: Large language models are terrible if you need reasoning or actual understanding. The post AI Slop is Hurting Security LLMs are Dumb and People are Dim appeared first on Security Boulevard.

Artificial Intelligence

Artificial Intelligence Social Engineering Data privacy IoT

‘FRED’ Security FAIL — Ignored by US Rail for 20 YEARS

Security Boulevard

JULY 16, 2025

BCH vs. SDR, AAR vs. CISA: Railroad industry first warned about this nasty vulnerability in 2005. The post ‘FRED’ Security FAIL — Ignored by US Rail for 20 YEARS appeared first on Security Boulevard.

Wireless

Wireless IoT Security Awareness Software

Spotlight on Cybersecurity Leaders: Richard Staynings

SecureWorld News

JANUARY 6, 2025

Richard is currently Chief Security Strategist for Cylera, a pioneer in the space of medical device and IoT security. IoT is the open back door to cybersecurity, especially in healthcare which has millions of medical and other largely dumb devicesall connected to the medical network.

Cybersecurity

Cybersecurity Cybercrime Healthcare Government

2025 Cybersecurity Predictions: Not Getting Easier; But There is Hope

SecureWorld News

DECEMBER 27, 2024

Critical infrastructure is at risk, moreso thanks to AI. and its allies must keep up; GenAI; mobile threats; RaaS makes it easier for the bad actors; non-human identity management; OT, IoT, and IIoT security and threats; cyber resiliency; SOC models; and improving cybersecurity education and programming.

Cybersecurity

Cybersecurity Risk CISO Government

Why Cyber Criminals Keep Winning Against SMEs

GlobalSign

JULY 14, 2025

Atlas - Digital Identity Platform Certificate Lifecycle Management Atlas Discovery Managed PKI ACME Certificate Automation Manager PKI for IoT Edge Enroll - IoT Identity Platform IoT Partner Program PKI for DevSecOps Post Quantum Computing Document Signing Secure your documents and improve workflows with digital signatures and seals.

Insurance

Insurance IoT Authentication Retail

Creating an Incident Response Plan with a People-First Approach

GlobalSign

JULY 16, 2025

Atlas - Digital Identity Platform Certificate Lifecycle Management Atlas Discovery Managed PKI ACME Certificate Automation Manager PKI for IoT Edge Enroll - IoT Identity Platform IoT Partner Program PKI for DevSecOps Post Quantum Computing Document Signing Secure your documents and improve workflows with digital signatures and seals.

IoT

IoT Identity Theft Authentication Computers and Electronics

MITRE Crisis: CVE Cash Ends TODAY — CISA says ‘No Lapse’

Security Boulevard

APRIL 16, 2025

These are interesting times: U.S. government funding for the Common Vulnerabilities and Exposures program expires April 16. The post MITRE Crisis: CVE Cash Ends TODAY CISA says No Lapse appeared first on Security Boulevard.

Government

Government Data privacy Technology IoT

Apple Lets Stalkers Find YOU — ‘nRootTag’ Team Breaks AirTag Crypto

Security Boulevard

FEBRUARY 28, 2025

Dumb Design + Crud Code = Privacy Panic: Its been SEVEN MONTHS, but Tims crew is yet to fix the bugs. The post Apple Lets Stalkers Find YOU nRootTag Team Breaks AirTag Crypto appeared first on Security Boulevard.

Social Engineering

Social Engineering Data privacy IoT Security Awareness

Allstate Violates Drivers’ Privacy, Texas AG Alleges

Security Boulevard

JANUARY 15, 2025

Dont Mess With Texas Privacy: We will hold all these companies accountable, rants state attorney general Ken Paxton (pictured). The post Allstate Violates Drivers Privacy, Texas AG Alleges appeared first on Security Boulevard.

Accountability

Accountability Insurance Social Engineering Spyware

3 Percent ($30B) of U.S. Military Funding Dedicated to Cybersecurity

SecureWorld News

JANUARY 9, 2025

Richard Staynings , Chief Security Strategist for IoT security company Cylera and teaching professor for cybersecurity at the University of Denver, provides comments throughout. Protecting military mobile devices Standards and policies will be implemented to secure Department of Defense mobile devices from foreign spyware.

Cybersecurity

Cybersecurity Manufacturing Surveillance Ransomware

EU Cyber Resilience Act: What You Need to Know

Centraleyes

MARCH 24, 2025

Transparency Providing end-users with clear information about cybersecurity risks and product updates. What Risks Does the CRA Address? Worse, manufacturers often fail to provide updates to address vulnerabilities, leaving users exposed to risks. How Does the CRA Solve and Mitigate These Risks?

Manufacturing

Manufacturing Marketing Risk Cybersecurity

Apple Enrages IT — 45-Day Cert Expiration Fury

Security Boulevard

OCTOBER 16, 2024

CA/B testing: Ludicrous proposal draws ire from “furious” systems administrators. The post Apple Enrages IT — 45-Day Cert Expiration Fury appeared first on Security Boulevard.

System Administration

System Administration Social Engineering Data privacy IoT

You Have Exposure Management Questions. We’ve Got Answers

Security Boulevard

APRIL 14, 2025

This means that your team can minimize churn and help prevent breaches by closing the exposures (or toxic risk combinations) attackers exploit before attacks get underway. Not all risk is created equal and not every risk needs to be addressed instantly. How does exposure management use AI? Is exposure management cloud-based?

Artificial Intelligence

Artificial Intelligence Risk IoT Mobile

CISA/FDA Warn: Chinese Patient Monitors Have BAD Bugs

Security Boulevard

FEBRUARY 3, 2025

China crisis? Stop using this healthcare equipment, say Cybersecurity & Infrastructure Security Agency and Food & Drug Administration. The post CISA/FDA Warn: Chinese Patient Monitors Have BAD Bugs appeared first on Security Boulevard.

Healthcare

Healthcare Cybersecurity Data privacy IoT

Amazon AI Privacy Panic — Bee Brings Bezos Panopticon

Security Boulevard

JULY 23, 2025

Amazzon Beee Buzzzz: It records everything you say (and what people around you say, too). The post Amazon AI Privacy Panic — Bee Brings Bezos Panopticon appeared first on Security Boulevard.

Social Engineering

Social Engineering Artificial Intelligence Internet Internet

China is Still Inside US Networks — It’s Been SIX Months

Security Boulevard

DECEMBER 4, 2024

Hell froze over: FBI and NSA recommend you use strong encryption. The post China is Still Inside US Networks — It’s Been SIX Months appeared first on Security Boulevard.

Encryption

Encryption Cyber Attacks Data privacy IoT

Millions of SK Telecom customers are potentially at risk following USIM data compromise

Security Affairs

APRIL 22, 2025

SK Telecom is South Koreas largest wireless telecom company, a major player in the countrys mobile and tech landscape. It holds about 48% of the market share for mobile services, meaning around 34 million subscribers use its network. The telecom giant detected an infection of its systems at 11 PM on Saturday, April 19, 2025.

Data breaches

Data breaches Risk Mobile Wireless

Randall Munroe’s XKCD ‘Good Science’

Security Boulevard

JUNE 18, 2025

Podcast TechstrongTV - Twitch Library Related Sites Techstrong Group Cloud Native Now DevOps.com Security Boulevard Techstrong Research Techstrong TV Techstrong.tv Moves to Collect $7.74 Million Tied to N. Korea IT Worker Scam Guardrails Breached: The New Reality of GenAI-Driven Attacks OAuth 2.0

Social Engineering

Social Engineering Data privacy Security Awareness Mobile

This is HUGE: Biden’s Cybersecurity Exec. Order — Big Parting Gift to Trump

Security Boulevard

JANUARY 17, 2025

Just Wow: Joseph Robinette Biden Jr. hits the emergency do something button. The post This is HUGE: Bidens Cybersecurity Exec. Order Big Parting Gift to Trump appeared first on Security Boulevard.

Cybersecurity

Cybersecurity Social Engineering Cyber Attacks Data privacy

This Windows 11 tablet for field research is about as durable as a tablet can be

Zero Day

JULY 17, 2025

The system runs Microsoft Windows 11 IoT Enterprise operating system. This not only reduces the risk of mechanical failure but also ensures the device remains quiet, even under heavy workloads. Here's the truth How ChatGPT actually works What is ChatGPT and how does it benefit you? Durability testing the DT312RP!

Artificial Intelligence

Artificial Intelligence Software Digital transformation Retail

IT threat evolution in Q3 2024. Non-mobile statistics

Undocumented hidden feature found in Espressif ESP32 microchip

Trending Sources

Threat Modeling in Solar Power Infrastructure

SK Telecom revealed that malware breach began in 2022

Cybersecurity Snapshot: Tenable Highlights Risks of AI Use in the Cloud, as UK’s NCSC Offers Tips for Post-Quantum Cryptography Adoption

Healthcare Cybersecurity Market Soars: Key Trends and Insights

How to Use Risk-Based Metrics in an Exposure Management Program

Experts uncover critical flaws in Kigen eSIM technology affecting billions

Smart Home Data Breach Exposes 2.7 Billion Records

FDA Playbook Engineers Safety Into Medical Device Manufacturing

Why Merging DSPM with PKI Is Key to Modern Risk Management

BadBox rapidly grows, 190,000 Android devices infected

How Solid Protocol Restores Digital Agency

Cybersecurity Leaders Share Three Challenges Exposure Management Helps Them Solve

Connected contraptions cause conniption for 2024

The Role and Benefits of AI in Cybersecurity

Why It’s Time to Replace Your Legacy SIEM and What to Consider as a Replacement?

What Is Exposure Management and Why Does It Matter?

Security Affairs newsletter Round 515 by Pierluigi Paganini – INTERNATIONAL EDITION

Don’t Be a Statistic: Proactive API Security in the Age of AI

FCC Takes on China Threats with New National Security Council

Who is Hero?

US Cyber Trust Mark logo for smart devices is coming

Getting the Most Value Out of the OSCP: After the Exam

AI Slop is Hurting Security — LLMs are Dumb and People are Dim

‘FRED’ Security FAIL — Ignored by US Rail for 20 YEARS

Spotlight on Cybersecurity Leaders: Richard Staynings

2025 Cybersecurity Predictions: Not Getting Easier; But There is Hope

Why Cyber Criminals Keep Winning Against SMEs

Creating an Incident Response Plan with a People-First Approach

MITRE Crisis: CVE Cash Ends TODAY — CISA says ‘No Lapse’

Apple Lets Stalkers Find YOU — ‘nRootTag’ Team Breaks AirTag Crypto

Allstate Violates Drivers’ Privacy, Texas AG Alleges

3 Percent ($30B) of U.S. Military Funding Dedicated to Cybersecurity

EU Cyber Resilience Act: What You Need to Know

Apple Enrages IT — 45-Day Cert Expiration Fury

You Have Exposure Management Questions. We’ve Got Answers

CISA/FDA Warn: Chinese Patient Monitors Have BAD Bugs

Amazon AI Privacy Panic — Bee Brings Bezos Panopticon

China is Still Inside US Networks — It’s Been SIX Months

Millions of SK Telecom customers are potentially at risk following USIM data compromise

Randall Munroe’s XKCD ‘Good Science’

This is HUGE: Biden’s Cybersecurity Exec. Order — Big Parting Gift to Trump

This Windows 11 tablet for field research is about as durable as a tablet can be

Stay Connected