infrastructure


Over the last few months or years I have reported vulnerabilities on several IoT devices. None have been patched so far, and I think it is time to discuss the situation openly. One of the issues I have faced several times is the zero-security-culture phenomenon. Some of those IoT companies were typically very small and young, with sadly neither the skills nor the resources to fix security issues. For example, I remember sending several vulnerabilities to a given company. I got an automated response for the first email (ok),... [Read More]
by RSS Axelle Apvrille  |  May 17, 2017  |  Filed in: Security Research
IoT is a sexy topic these days. It’s hard to open a magazine or blog without seeing statistics that project there will soon be more IoT devices online than there are teenagers on ClickChat. Like the growth of mobility and smartphones before it, IoT is a phenomenon that merits attention. But this time it’s different. IoT networks and devices play a crucial role in our global transition to a digital economy, and organizations that fail to adopt a digital business model may not survive. Which is why we also need to give credit to those... [Read More]
by RSS Phil Quade  |  Apr 19, 2017  |  Filed in: Industry Trends
Blockchain is a technology that basically distributes a ledger. For those of you in the financial management world, you know a ledger as the trusted source of transactions or facts. The same is true with blockchain. But instead of existing in a large leather bound tome or in a financial management application, blockchains are managed by a distributed set of computing resources working together to maintain that ledger. Each transaction, or block within it, is linked together in an indisputable manner using public/private key encryption and internal... [Read More]
by RSS Keith Rayle  |  Mar 17, 2017  |  Filed in: Industry Trends
As further details become available for the massive distributed denial of service attack against Dyn on Oct 21 2016, here are some things FortiDDoS customers can do to protect themselves from a potential Internet of Things (IoT) botnet-based DDoS attack like Mirai. Mirai spreads by compromising vulnerable IoT devices such as DVRs. Many IoT manufacturers failed to secure these devices properly, and they don't include the memory and processing necessary to be updated. They are also usually not in control of the destination of their outbound... [Read More]
by RSS Hemant Jain  |  Oct 24, 2016  |  Filed in: Industry Trends
[Editor's Note: If you haven't yet watched the season finale of Mr. Robot, there are some spoilers here. It's not a recap and it won't ruin the whole episode, but you might want to watch it first before you keep reading.] Within the first four minutes of last night's Mr. Robot finale (postponed from last week because of sensitivity to the on-air shooting in Virginia), we saw a character who's life had been destroyed by the Ashley Madison data dump and heard how astoundingly difficult it is to prosecute computer... [Read More]
by RSS Chris Dawson  |  Sep 03, 2015  |  Filed in: Industry Trends
[Read More]
by RSS Michael Perna  |  May 03, 2014  |  Filed in: Industry Trends
[Read More]
by RSS Michael Perna  |  Mar 22, 2014  |  Filed in: Industry Trends
The Obama administration issued the final version of its "cybersecurity framework" Wednesday, a series of security guidelines and best practices aimed at protecting finance, critical infrastructure, defense and other industries from a major cyber attack that could disrupt business and wreak havoc on their systems. The finalized guidelines have been in the works since last year, when President Obama signed an executive order calling upon the Commerce Department to establish basic - but voluntary -- security parameters for critical industries to... [Read More]
by RSS Stefanie Hoffman  |  Feb 18, 2014  |  Filed in: Industry Trends