Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Latest Content tagged with IoT
Page 1 / 2   >   >>
Biden Tells Putin Critical Infrastructure Sectors 'Off Limits' to Russian Hacking
Quick Hits  |  6/16/2021  | 
President Joe Biden said he and Russian President Vladimir Putin agreed to discuss boundaries in cyber activity.
Security Flaw Discovered In Peloton Equipment
Quick Hits  |  6/16/2021  | 
The vulnerability could give attackers remote root access to the bike's tablet, researchers report.
Cars, Medicine, Electric Grids: Future Hackers Will Hit Much More Than Networks in an IT/OT Integrated World
Commentary  |  6/16/2021  | 
Intelligent systems must include the right cybersecurity protections to prevent physical threats to operational technology.
Security Experts Scrutinize Apple, Amazon IoT Networks
News  |  6/15/2021  | 
Both companies have done their due diligence in creating connected-device networks, but the pervasiveness of the devices worries some security researchers.
New Top 20 Secure-Coding List Positions PLCs as Plant 'Bodyguards'
News  |  6/14/2021  | 
Best practices guide encompasses integrity, hardening, resilience, and monitoring of PLCs in industrial networks.
Name That Toon: Sight Unseen
Commentary  |  6/14/2021  | 
Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card.
Healthcare Device Security Firm COO Charged With Hacking Medical Center
Quick Hits  |  6/10/2021  | 
Vikas Singla, chief operating officer of security firm that provides products and services to the healthcare industry, faces charges surrounding a cyberattack he allegedly conducted against Duluth, Ga.-based Gwinnett Medical Center.
New Security Event @Hack to Take Place in Saudi Arabia
Quick Hits  |  6/9/2021  | 
The Saudi Federation of Cybersecurity, Programming, and Drones (SAFCSP) and Informa Tech will launch a multi-day event in Riyadh this November.
Cartoon Caption Winner: Road Trip
Commentary  |  6/7/2021  | 
And the winner of Dark Reading's cartoon caption contest is ...
Organizations Shift Further Left in App Development
Quick Hits  |  6/4/2021  | 
Most IT and security professionals surveyed think security is a critical enough reason to pause app development.
Microsoft Buys ReFirm Labs to Drive IoT Security Efforts
News  |  6/2/2021  | 
The acquisition will bring ReFirm's firmware analysis capabilities alongside Microsoft's Azure Defender for IoT to boost device security.
Processor Morphs Its Architecture to Make Hacking Really Hard
News  |  6/2/2021  | 
Researchers create a processor that uses encryption to modify its memory architecture during runtime, making it very difficult for hackers to exploit memory-based vulnerabilities.
Prevention Is the Only Cure: The Dangers of Legacy Systems
Commentary  |  5/27/2021  | 
Prolonged exposure to poorly managed legacy IT devices proves time and time again the familiar adage: What can go wrong will go wrong.
Rise in Opportunistic Hacks and Info-Sharing Imperil Industrial Networks
News  |  5/25/2021  | 
Security researchers at Mandiant have seen an increasing wave of relatively simplistic attacks involving ICS systems - and attackers sharing their finds with one another - since 2020.
Cost Savings, Better Security Drive Adoption of Emerging Technologies
News  |  5/20/2021  | 
However, senior technology managers express concerns about whether their current infrastructure can properly safeguard them.
Automation & Pervasive, Connected Technology to Pose Cyber Threats in 2030
News  |  5/19/2021  | 
A project to look at potential cybersecurity threats in a decade sees hackers and marketers sending spam directly to our vision, while attackers' automated systems adapt faster than defenses.
Researchers Create Covert Channel Over Apple AirTag Network
News  |  5/18/2021  | 
Small amounts of data could be sent from nearly anywhere using Apple's "Find My" network, hidden in the large volume of traffic as AirTags become widely used, two researchers say.
Name That Toon: Road Trip
Commentary  |  5/17/2021  | 
Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card.
Wi-Fi Design, Implementation Flaws Allow a Range of Frag Attacks
News  |  5/14/2021  | 
Every Wi-Fi product is affected by at least one fragmentation and aggregation vulnerability, which could lead to a machine-in-the-middle attack, researcher says.
When AI Becomes the Hacker
News  |  5/13/2021  | 
Bruce Schneier explores the potential dangers of artificial intelligence (AI) systems gone rogue in society.
Troy Hunt: Organizations Make Security Choices Tough for Users
News  |  5/6/2021  | 
The Have I Been Pwned founder took the virtual stage at Black Hat Asia to share stories about his work and industrywide challenges.
Securing the Internet of Things in the Age of Quantum Computing
Commentary  |  5/6/2021  | 
Internet security, privacy, and authentication aren't new issues, but IoT presents unique security challenges.
DoD Lets Researchers Target All Publicly Accessible Info Systems
Quick Hits  |  5/5/2021  | 
The Department of Defense expands its vulnerability disclosure program to include a broad range of new targets.
Apple Issues Patches for Webkit Security Flaws
Quick Hits  |  5/4/2021  | 
The vulnerabilities may already be under active attack, Apple says in an advisory.
7 Modern-Day Cybersecurity Realities
Slideshows  |  4/30/2021  | 
Security pros may be working with a false sense of security. We explore seven places where old methods and techniques have to change to keep their organizations safe.
Researchers Connect Complex Specs to Software Vulnerabilities
News  |  4/29/2021  | 
Following their release of 70 different vulnerabilities in different implementations of TCP/IP stacks over the past year, two companies find a common link.
'BadAlloc' Flaws Could Threaten IoT and OT Devices: Microsoft
Quick Hits  |  4/29/2021  | 
More than 25 critical memory allocation bugs could enable attackers to bypass security controls in industrial, medical, and enterprise devices.
Name That Toon: Greetings, Earthlings
Commentary  |  4/22/2021  | 
Caption time! Come up with something out of this world for Dark Reading's latest contest, and our panel of experts will reward the winner with a $25 Amazon gift card.
Pandemic Drives Greater Need for Endpoint Security
Quick Hits  |  4/16/2021  | 
Endpoint security has changed. Can your security plan keep up?
Dark Reading to Upgrade Site Design, Performance
Commentary  |  4/13/2021  | 
Improvements will make site content easier to navigate, faster, and more functional.
Cartoon Caption Winner: Something Seems Afoul
Commentary  |  4/7/2021  | 
And the winner of Dark Readings's March cartoon caption contest is ...
40% of Apps Leaking Information
Quick Hits  |  3/26/2021  | 
Apps in manufacturing most at risk, according to WhiteHat Security.
Exec Order Could Force Software Vendors to Disclose Breaches to Federal Gov't Customers
Quick Hits  |  3/25/2021  | 
A decision on the order, which contains several recommendations, is still forthcoming.
Lookout Acquires SASE Cloud Provider CipherCloud
Quick Hits  |  3/15/2021  | 
Deal signals a focus on the cloud for mobile security firm.
Call Recorder iPhone App Flaw Uncovered
Quick Hits  |  3/10/2021  | 
Researcher finds thousands of recorded calls easily accessible to others.
3 Security Flaws in Smart Devices & IoT That Need Fixing
Commentary  |  2/24/2021  | 
The scope and danger of unsecured, Internet-connected hardware will only continue to deepen.
Under Attack: Hosting & Internet Service Providers
Commentary  |  2/16/2021  | 
The digital universe depends on always-on IT networks and services, so ISPs and hosting providers have become favorite targets for cyberattacks.
How to Submit a Column to Dark Reading
Commentary  |  2/15/2021  | 
Have a new idea, a lesson learned, or a call to action for your fellow cybersecurity professionals? Here's how to submit your Commentary pieces to Dark Reading.
Game Over: Stopping DDoS Attacks Before They Start
Commentary  |  2/11/2021  | 
Video games are poised for a revolution, but benefits will come to fruition only if the industry can guarantee consistent performance and availability.
Cartoon Caption Winner: Insider Threat
Commentary  |  2/8/2021  | 
And the winner of Dark Reading's January cartoon caption contest is ...
RF Enables Takeover of Hostile Drones
Commentary  |  2/2/2021  | 
Tempting as it may be to blast drones out of the sky, a less aggressive approach may yield better data about attackers and keep bystanders safe.
Rethinking IoT Security: It's Not About the Devices
Commentary  |  1/21/2021  | 
Keeping IoT safe in the future will require securing the networks themselves. Focusing on the devices is a never-ending battle that will only become more burdensome.
IoT Vendor Ubiquiti Suffers Data Breach
Quick Hits  |  1/11/2021  | 
Cloud provider hosting "certain" IT systems attacked, company says.
The Coolest Hacks of 2020
News  |  12/31/2020  | 
Despite a pandemic and possibly the worst cyberattack campaign ever waged against the US, the year still had some bright spots when it came to "good" and creative hacks.
Enterprise IoT Security Is a Supply Chain Problem
Commentary  |  12/23/2020  | 
Organizations that wish to take advantage of the potential benefits of IoT systems in enterprise environments should start evaluating third-party risk during the acquisition process.
Patching Still Poses Problems for Industrial Controllers, Networking Devices
News  |  12/16/2020  | 
More than 90% of devices that run popular embedded operating systems remain vulnerable to critical flaws disclosed more than a year ago.
Juvenile Pleads Guilty to 2016 DNS Attack
Quick Hits  |  12/10/2020  | 
Mirai botnet was used to target Sony in an attack that took down DynDNS and a number of its notable customers.
Google Shares Cloud Security Tips
News  |  12/10/2020  | 
Anton Chuvakin, head of solution strategy at Google Cloud Security, discusses common cloud security hurdles and how to get over them.
Black Hat Europe: Dark Reading Video News Desk Coverage
News  |  12/10/2020  | 
Coming to you from virtual backgrounds and beautifully curated bookcases around the world, Dark Reading brings you video interviews with the leading researchers speaking at this week's Black Hat Europe.
Trump Signs IoT Security Bill into Law
Quick Hits  |  12/7/2020  | 
The Internet of Things Cybersecurity Improvement Act of 2020 is now official.
Page 1 / 2   >   >>


Commentary
Cyberattacks Are Tailored to Employees ... Why Isn't Security Training?
Tim Sadler, CEO and co-founder of Tessian,  6/17/2021
Edge-DRsplash-10-edge-articles
7 Powerful Cybersecurity Skills the Energy Sector Needs Most
Pam Baker, Contributing Writer,  6/22/2021
News
Microsoft Disrupts Large-Scale BEC Campaign Across Web Services
Kelly Sheridan, Staff Editor, Dark Reading,  6/15/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-34390
PUBLISHED: 2021-06-22
Trusty TLK contains a vulnerability in the NVIDIA TLK kernel function where a lack of checks allows the exploitation of an integer overflow on the size parameter of the tz_map_shared_mem function.
CVE-2021-34391
PUBLISHED: 2021-06-22
Trusty TLK contains a vulnerability in the NVIDIA TLK kernel�s tz_handle_trusted_app_smc function where a lack of integer overflow checks on the req_off and param_ofs variables leads to memory corruption of critical kernel structures.
CVE-2021-34392
PUBLISHED: 2021-06-22
Trusty TLK contains a vulnerability in the NVIDIA TLK kernel where an integer overflow in the tz_map_shared_mem function can bypass boundary checks, which might lead to denial of service.
CVE-2021-34393
PUBLISHED: 2021-06-22
Trusty contains a vulnerability in TSEC TA which deserializes the incoming messages even though the TSEC TA does not expose any command. This vulnerability might allow an attacker to exploit the deserializer to impact code execution, causing information disclosure.
CVE-2021-34394
PUBLISHED: 2021-06-22
Trusty contains a vulnerability in all TAs whose deserializer does not reject messages with multiple occurrences of the same parameter. The deserialization of untrusted data might allow an attacker to exploit the deserializer to impact code execution.