1,000 False Wakewords: A Letter! Buy 200 Toilet Rolls

1,000 False Wakewords: A Letter! Buy 200 Toilet Rolls

Researchers have found a thousand ways to say smart-speaker wakewords, highlighting the privacy problems. Again ...
Security Boulevard

Securing the International IoT Supply Chain

Together with Nate Kim (former student) and Trey Herr (Atlantic Council Cyber Statecraft Initiative), I have written a paper on IoT supply chain security. The basic problem we try to solve is: ...

The CSA IoT Security Controls Framework

Building the Case for IoT Security Framework The Internet of Things (IoT) is growing in technical, social, and economic significance. ENISA defines the increasingly complex IoT systems as “cyber-physical ecosystem[s] of interconnected ...

Ripple20 Zeek package open sourced

By Ben Reardon, Corelight Security Researcher Recently, security research group JSOF released 19 vulnerabilities related to the “Treck” TCP/IP stack. This stack exists on many devices as part of the supply chain ...
Allot BusinessSecure | A Cybersecurity Solution Enabling Service Providers to Protect the SMB Market

Simple and reliable network security for SMBs

When it comes to cybersecurity, what’s the difference between SMBs and large enterprises? If you guessed that the difference is related to the number of cyberattacks, then you’d be wrong. SMBs suffer ...
Akamai DDoS

Akamai Identifies Another Massive DDoS Attack

Akamai today disclosed it mitigated the largest packet per second (PPS) distributed denial-of-service (DDoS) attack ever recorded on its platform. Aimed at a large European bank, the attack generated 809 million packets ...
Security Boulevard

Analyzing IoT Security Best Practices

New research: "Best Practices for IoT Security: What Does That Even Mean?" by Christopher Bellman and Paul C. van Oorschot: Abstract: Best practices for Internet of Things (IoT) security have recently attracted ...
80% of Drivers Don’t Remove Personal Information Before Selling Their Car

80% of Drivers Don’t Remove Personal Information Before Selling Their Car

Four in five drivers don’t remove their personal information before selling their car, a new survey from Which? reveals. Between December 2019 and February 2020, the consumer advisory group surveyed more than ...
Ripple20-Vulnerabilities-BLOG

Ripple20 – New Zero-Day Vulnerabilities Send Shockwaves Across IoT

Two things make Ripple20 IT/OT/IoT vulnerabilities especially concerning: the potential impact that can be achieved by their exploitation, and the difficulty of finding and tracking all instances of the vulnerable library. The ...
SSH-Targeting Golang Bots Becoming the New Norm

SSH-Targeting Golang Bots Becoming the New Norm

Bitdefender researchers have recently found an increasing number of SSH-targeting bots written in Golang. Traditionally, popular malware is written in C, C++ and Perl, and it’s rare that we see attackers creating ...