Articles about serious vulnerabilities in IoT devices and embedded systems are now dime-a-dozen. This one concerns Internet-connected car washes: A group of security researchers have found vulnerabilities in internet-connected drive-through car washes that would let hackers remotely hijack the systems to physically attack vehicles and their occupants. The vulnerabilities would let an attacker open and … Read More “Vulnerabilities in Car Washes” »
Category: internetofthings
Auto Added by WPeMatico
The company that sells the Roomba autonomous vacuum wants to sell the data about your home that it collects. Some questions: What happens if a Roomba user consents to the data collection and later sells his or her home — especially furnished — and now the buyers of the data have a map of a … Read More “Roombas will Spy on You” »
Slashdot asks if password masking — replacing password characters with asterisks as you type them — is on the way out. I don’t know if that’s true, but I would be happy to see it go. Shoulder surfing, the threat is defends against, is largely nonexistent. And it is becoming harder to type in passwords … Read More “Password Masking” »
Websites are sending information prematurely: …we discovered NaviStone’s code on sites run by Acurian, Quicken Loans, a continuing education center, a clothing store for plus-sized women, and a host of other retailers. Using Javascript, those sites were transmitting information from people as soon as they typed or auto-filled it into an online form. That way, … Read More “Websites Grabbing User-Form Data Before It’s Submitted” »
Last week, Microsoft issued a security patch for Windows XP, a 16-year-old operating system that Microsoft officially no longer supports. Last month, Microsoft issued a Windows XP patch for the vulnerability used in WannaCry. Is this a good idea? This 2014 essay argues that it’s not: The zero-day flaw and its exploitation is unfortunate, and … Read More “Is Continuing to Patch Windows XP a Mistake?” »
Ross Anderson blogged about his new paper on security and safety concerns about the Internet of Things. (See also this short video.) It’s very much along the lines of what I’ve been writing. Powered by WPeMatico
As devastating as the latest widespread ransomware attacks have been, it’s a problem with a solution. If your copy of Windows is relatively current and you’ve kept it updated, your laptop is immune. It’s only older unpatched systems on your computer that are vulnerable. Patching is how the computer industry maintains security in the face … Read More “Ransomware and the Internet of Things” »
Ransomware isn’t new, but it’s increasingly popular and profitable. The concept is simple: Your computer gets infected with a virus that encrypts your files until you pay a ransom. It’s extortion taken to its networked extreme. The criminals provide step-by-step instructions on how to pay, sometimes even offering a help line for victims unsure how … Read More “The Future of Ransomware” »
Criminals go where the money is, and cybercriminals are no exception. And right now, the money is in ransomware. It’s a simple scam. Encrypt the victim’s hard drive, then extract a fee to decrypt it. The scammers can’t charge too much, because they want the victim to pay rather than give up on the data. … Read More “WannaCry Ransomware” »
This is a good summary article about the horrible security of St. Jude pacemakers, and the history of the company not doing anything about it. Powered by WPeMatico