IOT

MCCrash botnet launches DDoS attacks against Minecraft servers

Microsoft researchers have detected a cross-platform botnet designed to infect Windows, Linux, and IoT devices. The botnet dubbed “MCCrash” then launches distributed denial of service (DDoS) attacks against private Minecraft servers.

MCCrash botnet launches DDoS attacks against Minecraft servers Read More »

NIST SP 800-213: IoT Device Cybersecurity Guidance for the Federal Government: Establishing IoT Device Cybersecurity Requirements

The National Institute of Standards and Technology (NIST) has issued the NIST SP 800-213 IoT Device: “Cybersecurity Guidance for the Federal Government: Establishing IoT Device Cybersecurity Requirements.”

NIST SP 800-213: IoT Device Cybersecurity Guidance for the Federal Government: Establishing IoT Device Cybersecurity Requirements Read More »

SDK supply chain vulnerability exposes security cameras to hacking

A vulnerability in ThroughTek’s Kalay Platform software development hit (SDK) has exposed many security cameras used by original equipment manufacturers (OEMs) of consumer-grade security cameras and IoT devices.

SDK supply chain vulnerability exposes security cameras to hacking Read More »

“BadAlloc” vulnerabilities impact broad range of IoT and OT devices

Security researchers from Microsoft have discovered a collection of vulnerabilities dubbed “BadAlloc” that affect a broad range of IoT and OT devices in industrial, medical and consumer sectors.

“BadAlloc” vulnerabilities impact broad range of IoT and OT devices Read More »

NAME:WRECK vulnerabilities can break DNS implementations in TCP/IP stacks

Security researchers have discovered nine vulnerabilities collectively dubbed NAME:WRECK than can break DNS implementations in TCP/IP stacks and lead to denial of service or remote code execution. The experts also provided guidelines to organization on how to fix the issues.

NAME:WRECK vulnerabilities can break DNS implementations in TCP/IP stacks Read More »

3 good examples of how to apply the Zero Trust Security Model

The National Security Agency (NSA) has released new guidelines on the Zero Trust Security Model, a coordinated system management strategy that removes implicit trust in any one system or service and assumes breaches will or have already occurred.

3 good examples of how to apply the Zero Trust Security Model Read More »

Microsoft February 2021 Security Updates, warns of Win32k Privilege Escalation vulnerability exploited in wild (updated)

Microsoft has released the February 2021 Security updates that includes patches for 56 vulnerabilities, 11 of those rated Critical. Moreover, the tech giant warned of a Win32k Privilege Escalation vulnerability CVE-2021-1732 exploited in wild.

Microsoft February 2021 Security Updates, warns of Win32k Privilege Escalation vulnerability exploited in wild (updated) Read More »

Cisco patches 3 Critical vulnerabilities in IMC, DNA Spaces Connector and IoT products

Cisco has patched three Critical vulnerabilities in Cisco Integrated Management Controller (IMC), DNA Spaces Connector and IoT Field Network Director (FND) products.

Cisco patches 3 Critical vulnerabilities in IMC, DNA Spaces Connector and IoT products Read More »