Global agencies warn of increased cyberattacks against OT devices

Global federal agencies are sounding the alarm over an increase in cyberattacks by pro-Russia hacktivist groups targeting operational technology (OT) devices across critical infrastructure in North America and Europe.

The Cybersecurity and Infrastructure Security Agency (CISA), FBI, NSA, EPA, DOE, USDA, FDA, Multi-State ISAC, Canadian Centre for Cyber Security, and UK's National Cyber Security Centre have observed these threat actors compromising small-scale industrial control...

UK introduces first IoT security laws

The UK has become the first country to legally mandate cybersecurity standards for IoT devices. The new laws, which came into force today, aim to shield consumers from cyber threats and boost the nation's resilience against rising cyber-crime.

Under the Product Security and Telecommunications Infrastructure (PSTI) regime, manufacturers will be legally required to build security protections into any product with internet connectivity. Easily guessable default passwords like "admin"...

Retail faces continued threat from IoT botnets

A new report from Netskope Threat Labs sheds light on the major cloud threats targeting the retail industry over the past year. The key malware families deployed by attackers were IoT botnets like Mirai, remote access tools, and infostealers aimed at stealing customer payment data and credentials.

Paolo Passeri, Cyber Intelligence Principal at Netskope, said: “It’s surprising that the retail sector still finds itself specifically targeted with botnets like Mirai as attackers...

Wyze customers view strangers’ camera feeds after glitch

Wyze, the maker of affordable home security cameras, experienced a glitch on Friday that allowed thousands of customers to access images and videos from cameras belonging to other users.

On Friday, an outage caused by a problem with an Amazon Web Services (AWS) partner left Wyze customers unable to view footage from their own cameras for several hours. As the company worked to restore service, approximately 13,000 Wyze users received thumbnails and video clips from cameras that...

US disrupts botnet used by Russia-linked APT28 threat group

The US government has disrupted a network of routers that were being used by the Russia-linked threat group APT28 to conceal malicious cyber activities. 

"These crimes included vast spear-phishing and similar credential harvesting campaigns against targets of intelligence interest to the Russian government, such as US and foreign governments and military, security, and corporate organisations," said the US Department of Justice (DoJ) in a statement.

APT28, tracked by...

IoT security remains a top concern for enterprises in 2024

As the use of IoT devices continues to accelerate, a new report from Asimily highlights the growing cybersecurity risks facing enterprises that fail to properly secure their connected devices. 

The report, titled ‘IoT Device Security in 2024: The High Cost of Doing Nothing,’ analyses emerging attack trends targeting IoT infrastructure and outlines potential consequences for companies neglecting sufficient resilience measures.

With hospitals, manufacturers,...

‘Pandoraspear’ botnet hijacks smart TVs and boxes

Cybercrime syndicate Bigpanzi stands accused of orchestrating a massive Distributed Denial of Service (DDoS) botnet named 'Pandoraspear'.

Pandoraspear has reportedly infected potentially millions of smart TVs and set-top boxes, with at least 170,000 bots actively running during the campaign's peak.

The infection mechanism primarily targets Android-based smart TVs and streaming hardware, exploiting users who visit dubious streaming sites on their smartphones. Upon...

IoT Tech Expo: Cybersecurity threats facing medical devices

Patrick Maw, an expert in medical device cybersecurity at University College London Hospitals NHS Foundation Trust, recently gave a talk at IoT Tech Expo Global highlighting the cybersecurity threats facing connected medical devices.

Maw explained that a wide range of medical equipment now connects to healthcare networks, from infusion pumps and CT scanners to mobile devices running medical apps. 

"Software is a medical device in its own right," stated Maw, drawing...

BlackBerry axes plan to separate IoT business

BlackBerry has scrapped its plan to split into two independent companies, including pursuing an initial public offering (IPO) for its IoT business unit. Instead, the Canadian tech giant has chosen to reorganise itself into two distinct internal divisions: one focusing on its cybersecurity strength, and the second on the IoT.

The decision comes after the completion of Project Imperium, a comprehensive review initiated by BlackBerry to chart a course for sustained growth and...

P2PInfect malware variant targets IoT devices

Cybersecurity researchers from Cado Security Labs have uncovered a novel variant of the P2PInfect botnet that poses a heightened risk by targeting IoT devices.

The latest P2PInfect variant – compiled for Microprocessor without Interlocked Pipelined Stages (MIPS) architecture – signifies an expansion of the malware's capabilities, potentially paving the way for widespread infections.

Security researcher Matt Muir highlighted the significance of targeting MIPS,...