Jon Gold

Author Archives: Jon Gold

Microsoft finds Russia-backed attacks that exploit IoT devices

The STRONTIUM hacking group, which has been strongly linked by security researchers to Russia’s GRU military intelligence agency, was responsible for an IoT-based attack on unnamed Microsoft customers, according to the company. a blog post from the company’s security response center issued Monday.Microsoft said in a blog that the attack, which it discovered in April, targeted three specific IoT devices – a VoIP phone, a video decoder and a printer (the company declined to specify the brands) – and used them to gain access to unspecified corporate networks. Two of the devices were compromised because nobody had changed the manufacturer’s default password, and the other one hadn’t had the latest security patch applied.To read this article in full, please click here

Microsoft finds Russia-backed attacks that exploit IoT devices

The STRONTIUM hacking group, which has been strongly linked by security researchers to Russia’s GRU military intelligence agency, was responsible for an IoT-based attack on unnamed Microsoft customers, according to the company. a blog post from the company’s security response center issued Monday.Microsoft said in a blog that the attack, which it discovered in April, targeted three specific IoT devices – a VoIP phone, a video decoder and a printer (the company declined to specify the brands) – and used them to gain access to unspecified corporate networks. Two of the devices were compromised because nobody had changed the manufacturer’s default password, and the other one hadn’t had the latest security patch applied.To read this article in full, please click here

Remote code execution is possible by exploiting flaws in Vxworks

Eleven zero-day vulnerabilities in WindRiver’s VxWorks, a real-time operating system in use across an advertised 2 billion connected devices have been discovered by network security vendor Armis.Six of the vulnerabilities could enable remote attackers to access unpatched systems without any user interaction, even through a firewall according to Armis. About IoT: What is the IoT? How the internet of things works What is edge computing and how it’s changing the network Most powerful Internet of Things companies 10 Hot IoT startups to watch The 6 ways to make money in IoT What is digital twin technology? [and why it matters] Blockchain, service-centric networking key to IoT success Getting grounded in IoT networking and security Building IoT-ready networks must become a priority What is the Industrial IoT? [And why the stakes are so high] The vulnerabilities affect all devices running VxWorks version 6.5 and later with the exception of VxWorks 7, issued July 19, which patches the flaws. That means the attack windows may have been open for more than 13 years.To read this article in full, please click here

Remote code execution is possible by exploiting flaws in Vxworks

Eleven zero-day vulnerabilities in WindRiver’s VxWorks, a real-time operating system in use across an advertised 2 billion connected devices have been discovered by network security vendor Armis.Six of the vulnerabilities could enable remote attackers to access unpatched systems without any user interaction, even through a firewall according to Armis. About IoT: What is the IoT? How the internet of things works What is edge computing and how it’s changing the network Most powerful Internet of Things companies 10 Hot IoT startups to watch The 6 ways to make money in IoT What is digital twin technology? [and why it matters] Blockchain, service-centric networking key to IoT success Getting grounded in IoT networking and security Building IoT-ready networks must become a priority What is the Industrial IoT? [And why the stakes are so high] The vulnerabilities affect all devices running VxWorks version 6.5 and later with the exception of VxWorks 7, issued July 19, which patches the flaws. That means the attack windows may have been open for more than 13 years.To read this article in full, please click here

IoT roundup: Connected cows, food safety sensors and tracking rent-a-bikes

While the public image of agriculture remains a bit antiquated, the industry is actually an increasingly sophisticated one, and farmers have been particularly enthusiastic in their embrace of IoT. Everything from GPS-guided precision for planting, watering and harvesting to remote soil monitoring and in-depth yield analysis is available to the modern farmer.What’s more, the technology used in agriculture continues to evolve at speed; witness the recent partnership between Quantified Ag, a University of Nebraska-backed program that, among other things, can track livestock health via a system of IoT ear tags, and Cradlepoint, a vendor that makes the NetCloud Manager product.To read this article in full, please click here

Report: Smart-city IoT isn’t smart enough yet

Security arrangements for smart-city IoT technology around the world are in an alarming state of disrepair, according to a report from Forrester Research that argues serious changes are needed in order to avoid widespread compromises.Much of what’s wrong has to do with a lack of understanding on the part of the people in charge of those systems and a failure to follow well-known security best practices, like centralized management, network visibility and limiting attack-surfaces. More on IoT: What is the IoT? How the internet of things works What is edge computing and how it’s changing the network Most powerful Internet of Things companies 10 Hot IoT startups to watch The 6 ways to make money in IoT What is digital twin technology? [and why it matters] Blockchain, service-centric networking key to IoT success Getting grounded in IoT networking and security Building IoT-ready networks must become a priority What is the Industrial IoT? [And why the stakes are so high] Those all pose stiff challenges, according to “Making Smart Cities Safe And Secure,” the Forrester report by Merritt Maxim and Salvatore Schiano. The attack surface for a smart city is, by default, enormous, given the volume of Internet-connected hardware involved. Continue reading

Wireless alliance: You might want to move some access points for Wi-Fi 6

Businesses could find themselves repositioning wireless access points and even facing increased bandwidth demands as Wi-Fi 6 hits the market in the coming months, according to a white paper released today by the Wireless Broadband Alliance.Nevertheless, the news is mostly good for prospective business users. Thanks to Wi-Fi 6’s array of coexistence, power-saving and smart management features, a new network based on the technology shouldn’t pose many deployment problems.The time of 5G is almost here Key to the enterprise WLAN use case, the white paper says, is deployment planning – Wi-Fi 6 can offer different optimal placement options than previous-generation Wi-Fi, so it could behoove upgraders to consider changing AP locations, instead of just swapping out existing devices in the same locations.To read this article in full, please click here

IoT roundup: Robot boats; AT&T makes IoT partner deals

There’s plenty of IoT technology coming into the automotive sector – sophisticated fleet management systems, in-car entertainment and connectivity - but the real pot of gold is fully autonomous transport, which is inching closer all the time.One piece of news on that front comes out of MIT, where researchers announced earlier this month that they are collaborating with the Amsterdam Institute for Advanced Metropolitan Solutions to create a “roboat,” which leverages GPS, cameras and other sensors, alongside on-board connectivity and compute, to create autonomous boats for travel along the Dutch capital’s 165 canals.To read this article in full, please click here

IoT roundup: Robot boats, AT&T makes IoT partner deals

There’s plenty of IoT technology coming into the automotive sector – sophisticated fleet management systems, in-car entertainment and connectivity - but the real pot of gold is fully autonomous transport, which is inching closer all the time.One piece of news on that front comes out of MIT, where researchers announced earlier this month that they are collaborating with the Amsterdam Institute for Advanced Metropolitan Solutions to create a “roboat,” which leverages GPS, cameras and other sensors, alongside on-board connectivity and compute, to create autonomous boats for travel along the Dutch capital’s 165 canals.To read this article in full, please click here

Carrier services help expand healthcare, with 5G in the offing

There are connectivity options aplenty for most types of IoT deployment, but the idea of simply handing the networking part of the equation off to a national licensed wireless carrier could be the best one for certain kinds of deployments in the medical field.Telehealth systems, for example, are still a relatively new facet of modern medicine, but they’re already among the most important applications that use carrier networks to deliver care. One such system is operated by the University of Mississippi Medical Center, for the treatment and education of diabetes patients.To read this article in full, please click here

Report: Mirai tries to hook its tentacles into SD-WAN

Mirai – the software that has hijacked hundreds of thousands of internet-connected devices to launch massive DDoS attacks – now goes beyond recruiting just IoT products; it also includes code that seeks to exploit a vulnerability in corporate SD-WAN gear.That specific equipment – VMware’s SDX line of SD-WAN appliances – now has an updated software version that fixes the vulnerability, but by targeting it Mirai’s authors show that they now look beyond enlisting security cameras and set-top boxes and seek out any vulnerable connected devices, including enterprise networking gear. More about SD-WANTo read this article in full, please click here

Report: Mirai tries to wrap its tentacles around SD-WAN

Mirai – the software that has hijacked hundreds of thousands of internet-connected devices to launch massive DDoS attacks – now goes beyond recruiting just IoT products; it also includes code that seeks to exploit a vulnerability in corporate SD-WAN gear.That specific equipment – VMware’s SDX line of SD-WAN appliances – now has an updated software version that fixes the vulnerability, but by targeting it Mirai’s authors show that they now look beyond enlisting security cameras and set-top boxes and seek out any vulnerable connected devices, including enterprise networking gear. More about SD-WANTo read this article in full, please click here(Insider Story)

Report: Mirai tries to hook its tentacles into SD-WAN

Mirai – the software that has hijacked hundreds of thousands of internet-connected devices to launch massive DDoS attacks – now goes beyond recruiting just IoT products; it also includes code that seeks to exploit a vulnerability in corporate SD-WAN gear.That specific equipment – VMware’s SDX line of SD-WAN appliances – now has an updated software version that fixes the vulnerability, but by targeting it Mirai’s authors show that they now look beyond enlisting security cameras and set-top boxes and seek out any vulnerable connected devices, including enterprise networking gear. More about SD-WANTo read this article in full, please click here

IoT Roundup: New research on IoT security, Microsoft leans into IoT

As with any technology whose use is expanding at such speed, it can be tough to track exactly what’s going on in the IoT world – everything from basic usage numbers to customer attitudes to more in-depth slices of the market is constantly changing. Fortunately, the month of May brought several new pieces of research to light, which should help provide at least a partial outline of what’s really happening in IoT.To read this article in full, please click here(Insider Story)

Huawei flap should prompt supply chain scrutiny

Aggressive efforts to keep China-based telecom vendor Huawei out of the U.S. market by the Trump administration have thrust a slow-burning debate in the networking space about the security implications of using Chinese-made technology into the limelight over the last two weeks, yet the real-world implications for business users are less than apocalyptic.The basics of the administration's case against Huawei are simple. The company’s close ties to the Chinese government, coupled with China’s history of industrial and political espionage against the U.S., means that its products can’t be trusted not to slip important information back to Beijing. The current crisis is only two weeks old, but  these concerns about Huawei and other China-based tech vendors date back years.To read this article in full, please click here

Experts: Enterprise IoT enters the mass-adoption phase

IoT in general has taken off quickly over the past few years, but experts at the recent IoT World highlighted that the enterprise part of the market has been particularly robust of late – it’s not just an explosion of connected home gadgets anymore.Donna Moore, chairwoman of the LoRa Alliance, an industry group that works to develop and scale low-power WAN technology for mass usage, said on a panel that she’s never seen growth this fast in the sector. “I’d say we’re now in the early mass adopters [stage],” she said. More on IoT:To read this article in full, please click here

Las Vegas targets transport, public safety with IoT deployments

The city of Las Vegas’ pilot program with NTT and Dell, designed to crack down on wrong-way driving on municipal roads, is just part of the big plans that Sin City has for leveraging IoT tech in the future, according to the city's director of technology Michael Sherwood., who sat down with Network World at the IoT World conference in Silicon Valley this week.The system uses smart cameras and does most of its processing at the edge, according to Sherwood. The only information that gets sent back to the city’s private cloud is metadata – aggregated information about overall patterns, for decision-making and targeting purposes, not data about individual traffic incidents and wrong-way drivers.To read this article in full, please click here

Top auto makers rely on cloud providers for IoT

For the companies looking to implement the biggest and most complex IoT setups in the world, the idea of pairing up with AWS, Google Cloud or Azure seems to be one whose time has come. Within the last two months, BMW and Volkswagen have both announced large-scale deals with Microsoft and Amazon, respectively, to help operate their extensive network of operational technology.To read this article in full, please click here(Insider Story)

Health care is still stitching together IoT systems

Government regulations, safety and technical integration are all serious issues facing the use of IoT in medicine, but professionals in the field say that medical IoT is movingforward despite the obstacles. A vendor, a doctor, and an IT pro all spoke to Network World about the work involved.To read this article in full, please click here(Insider Story)

1 2 3 21