iot


Fortinet recently talked with Michael Dierickx, director of security engineering and information security officer, about Panasonic Avionics’ security priorities and the tools they use to keep customers’ information safe on today’s connected aircraft.  [Read More]
by RSS John Maddison  |  Aug 09, 2017  |  Filed in: Industry Trends
In this final blog in the Rootnik series we will finish our analysis of this new variant. Let’s start by looking into the script shell rsh. Analysis of the script shell Through our investigation we are able to see how the script shell works: First, it writes the content of the file .ir into /system/etc/install-recovery.sh. The file install-recovery.sh is a startup script. When the android device is booted, the script can be executed. The following is the content of the file .ir. Next, it writes some files... [Read More]
by RSS Kai Lu  |  Jul 09, 2017  |  Filed in: Security Research
In part I of this blog, I finished the analysis of the native layer of a newly discovered Rootnik malware variant, and got the decrypted real DEX file. Here in part II, we will continue our analysis. A look into the decrypted real DEX file The entry of the decrypted DEX file is the class demo.outerappshell.OuterShellApp. The definition of the class OuterShellApp is shown below. Figure 1. The class demo.outerappshell.OuterShellApp We will first analyze the function attachBaseContext(). The following is the function aBC() in the class... [Read More]
by RSS Kai Lu  |  Jul 09, 2017  |  Filed in: Security Research
In the context of digital trust, effective cybersecurity can become an essential enabler of digital transformation. In other words, if organizations and users can’t trust their data, and trust that it is safe, they will not engage, and the Digital Economy will fail. [Read More]
by RSS Drew Del Matto  |  Jun 19, 2017  |  Filed in: Industry Trends
Tired of hearing about IoT? Me too. I am also tired of AI and the constant specter of intelligent robots and computers that are smarter than us, and that for some reason want to harm us. I prefer the movie Her because I believe that is more likely to represent the future of an AI. They wouldn’t want to compete with us and rule the world. Instead, it seems more likely that they would find us to be a curiosity. And they would probably eventually just lose interest in us and leave. We (and the Earth) would not be able to evolve as fast... [Read More]
by RSS James Cabe  |  Jun 13, 2017  |  Filed in: Industry Trends
Whether it’s healthcare, or any of the other 16 sectors of critical national infrastructure, enterprises responsible for some of our most important cyber assets are undergoing some sort of digital transformation. At its core, digital transformation in business is really about moving from intuitive to data-driven decision making to gain new insights, provide essential services, and drive exponential growth. Over the past few years, the healthcare sector and other industries have been focused on four major objectives related to digital transformation: Move... [Read More]
by RSS Jonathan Nguyen-Duy  |  Jun 01, 2017  |  Filed in: Industry Trends
Historically, federal agencies have been wary of using public cloud due to security concerns. Yet the agility and cost savings offered by cloud infrastructure is proving to be a major incentive, leading to a recent big push for agencies to re-engage with public cloud providers.  Security is still a central issue, and many agencies are looking at cloud service providers whose products adopt a cloud-first strategy, viewing them either as a firewall in the cloud or as a way to outsource security to the cloud.   However, no one... [Read More]
by RSS Aamir Lakhani  |  May 29, 2017  |  Filed in: Industry Trends
Over the last few months or years I have reported vulnerabilities on several IoT devices. None have been patched so far, and I think it is time to discuss the situation openly. One of the issues I have faced several times is the zero-security-culture phenomenon. Some of those IoT companies were typically very small and young, with sadly neither the skills nor the resources to fix security issues. For example, I remember sending several vulnerabilities to a given company. I got an automated response for the first email (ok),... [Read More]
by RSS Axelle Apvrille  |  May 17, 2017  |  Filed in: Security Research
Welcome back to our monthly review of some of the most interesting security research publications. Previous edition: March 2017 What happened to your home? IoT Hacking and Forensic with 0-day from TROOPERS 17, by Park and Jin Figure 1: Hacking a vacuum cleaner The authors hacked a vacuum cleaner, which, besides cleaning, also includes an embedded camera and microphone. The hack wasn’t easy because the vacuum wasn’t too badly secured. The authors however found 2 vectors: 1. They connected on the... [Read More]
by RSS Axelle Apvrille  |  May 10, 2017  |  Filed in: Security Research
In a 2015 article posted by Forbes, it was reported that 87 percent of people hadn’t heard of the term “Internet of Things” (IoT). At that time, Gartner Inc. estimated that there were 4.9 billion connected devices in use. Fast forward to 2017, and Gartner now reports that number has grown  to 8.4 billion, with a look ahead to 2020 predicting that 20.4 billion connected devices will be in use. The IoT has gained traction in day-to-day life by adding new applications and capabilities at a rapid rate, and as this technology begins... [Read More]
by RSS Amy Thompson  |  May 08, 2017  |  Filed in: Industry Trends