Mandiant, a division of FireEye, has reported that it has discovered a vulnerability in a software protocol that enables hackers to gain access to audio and visual data on smart devices including baby monitors and web cameras. The protocol was created  by Taiwanese Internet of Things vendor ThroughTek, and is incorporated in as many as

It should be assumed that everything connected to the Internet can be hacked and exposed, now more than ever. It is commonplace and concerning. Internet of Things (IoT) devices are often developed and sold without a focus on security, because getting the product into the market is the top priority. We have previously commented that

There is a new federal IoT law, H.R. 1668, the IoT Cybersecurity Improvement Act of 2020, that recently passed the House and Senate and was signed by the President on December 4. The bill had 26 co-sponsors, representing Democrats and Republicans almost equally, and enjoyed bipartisan support in an era that has not seen

It is no secret that companies are experiencing an increase in security incidents following the transition from work in the office to work from home during the pandemic. There are a number of causes, including the difficulty of controlling the security of at-home technology equipment such as routers, printers, personal assistants and other IoT devices,

CyberX recently released its 2020 Global IoT/ICS Risk Report (Report), which compiles survey questions and answers from 1,821 production networks of electric utilities, and oil and gas companies. Although the Report admitted that oil and gas companies and electric utilities tend to be ahead of the curve on cybersecurity compared to other sectors, they are

The United States Government Accounting Office (GAO) recently issued a report on the cybersecurity risks facing the electric grid. The GAO reviewed the cybersecurity of the electric grid to determine the risks and challenges facing the grid, to describe federal efforts to address those risks, to assess the extent to which the Department of Energy

It is so hard to keep up with the latest ways the bad guys try to infiltrate company data. One new technique is called warshipping, and its implementation is pretty simple and a little old school.

IBM X-Force Red investigated the technique to give its customers an idea of the newest threats to enterprise systems.