Mirai Botnet Exploit Weaponized to Attack IoT Devices via CVE-2020-5902

Following the initial disclosure of two F5 BIG-IP vulnerabilities on the first week of July, we continued monitoring and analyzing the vulnerabilities and other related activities to further understand their severities. Based on the workaround published for CVE-2020-5902, we found Read More …

Ripple20 vulnerabilities will haunt the IoT landscape for years to come

Cyber-security experts have revealed today 19 vulnerabilities in a small library designed in the 90s that has been widely used and integrated into countless of enterprise and consumer-grade products over the last 20+ years. The number if impacted products is Read More …

Forward-looking security analysis of smart factories [Part 3] – Trojanized libraries for industrial IoT devices

IoT devices are being incorporated more and more into smart factories. IoT devices are endpoints that have a unique IP address and that can connect to the Internet; they are expected to be used for various purposes not only in Read More …

Starbleed bug impacts FPGA chips used in data centers, IoT devices, industrial equipment

A team of academics says they’ve discovered a new security bug that impacts Xilinx FPGA (Field Programmable Gate Arrays) chipsets. Named Starbleed, the bug allows attackers — with both physical or remote access — to extract and tamper with an Read More …

Hackers breach FSB contractor and leak details about IoT hacking project

Russian hacker group Digital Revolution claims to have breached a contractor for the FSB — Russia’s national intelligence service — and discovered details about a project intended for hacking Internet of Things (IoT) devices. The group published this week 12 Read More …

Singapore to spend $719m beefing up government’s cyber, data security systems

The Singapore government will look to invest SG$1 billion to beef up its cyber and data security systems, which it says is critical as its agencies increasingly adopt technologies such as artificial intelligence (AI), cloud, and Internet of Things (IoT). Read More …

Researchers Use Smart Light Bulbs to Infiltrate Networks

Researchers successfully infiltrated networks through a vulnerability in Philips Hue light bulbs. The CVE-2020-6007 vulnerability, which involves the ZigBee communication protocol, can be abused to remotely install malicious firmware in smart light bulbs and spread malware to other internet-of-things (IoT) devices. To make the Read More …