December 13, 2024 at 06:03AM A state-sponsored Iranian hacking group, CyberAv3ngers, has employed custom malware, IOCONTROL, to target IoT and operational technology devices in the U.S. and Israel. This malware exploits vulnerabilities in industrial control systems, leading to significant disruptions. The U.S. government offers a $10 million reward for information on the group. ### Meeting … Read more
December 12, 2024 at 04:13PM Ruijie Networks has patched 10 vulnerabilities in its Reyee cloud management platform, potentially allowing control of thousands of devices. Researchers from Claroty, who developed the “Open Sesame” attack, highlighted weaknesses in device authentication. This could enable attackers to impersonate the cloud platform and exploit connected devices, raising IoT security concerns. … Read more
December 10, 2024 at 07:21AM Cisco’s Talos unit has revealed several unpatched vulnerabilities in MC Technologies’ industrial router and GoCast’s BGP tool, despite responsible disclosure to vendors months ago. Notably, the MC LR router has four high-severity command injection flaws, while GoCast has three critical vulnerabilities, both potentially exploitable through crafted HTTP requests. ### Meeting … Read more
November 6, 2024 at 02:43PM Internet-connected devices are integral to daily life but pose significant cybersecurity risks. Consumers must remain vigilant against insecure devices and scams, particularly in light of recent regulatory advancements like the EU’s Cyber Resilience Act. Manufacturers need to adapt to evolving security requirements and enhance communication between product and cybersecurity teams. … Read more
November 1, 2024 at 09:30AM GreyNoise Intelligence reported that its internal AI tool identified attempts to exploit critical vulnerabilities in commercial livestream IoT cameras, enhancing security awareness in the IoT sector. This highlights the importance of AI in detecting potential threats. **Meeting Takeaways:** 1. **Internal AI Tool**: GreyNoise Intelligence has developed an internal AI tool … Read more
October 22, 2024 at 05:23PM Honeywell and Google Cloud announced a collaboration to enhance industrial operations using AI, integrating Honeywell Forge data with Google’s Gemini AI platform. This partnership aims to improve maintenance costs, productivity, and workforce training, with initial solutions set for release in 2025, addressing labor shortages in the industrial sector. ### Key … Read more
September 23, 2024 at 10:00AM The CERT Coordination Center at Carnegie Mellon University has issued an advisory for a critical flaw in Microchip’s Advanced Software Framework (ASF) that allows remote code execution via specially crafted DHCP requests. The security issue affects ASF 3.52.0.2574 and older versions, with no practical solution other than replacing the vulnerable … Read more
September 18, 2024 at 01:01PM Cybersecurity researchers uncover Raptor Train botnet operated by Chinese state threat actor Flax Typhoon. Consisting of compromised SOHO & IoT devices, it’s one of the largest Chinese IoT botnets, targeting devices from multiple manufacturers. Raptor Train has been linked to multiple campaigns and has been used for potential exploitation attempts … Read more
July 30, 2024 at 03:36AM ZeroTier, a networking solutions provider, has secured $13.5 million in Series A funding, raising the total to around $16 million. The investment was led by Battery Ventures, with support from several other firms. The company, founded in 2011, offers virtual networking for secure connections and IoT deployments. This funding will … Read more
June 6, 2024 at 09:32AM The Boston Red Sox are making comprehensive cybersecurity efforts by adopting a software-as-a-service model and embracing IoT at Fenway Park. Despite limited resources, support from Major League Baseball helps the team punch above its weight in cyber defense. Their security apparatus is dynamic and constantly evolving to protect IP, ensure … Read more