Security

132 articles
Immunization Against the IoT Zombie Horde

Immunization Against the IoT Zombie Horde

By Alex deVries and Tim Skutt IoT zombies are out there. There are a lot of them. We won’t be rid of them soon. They will be reaching out to your device, so it’s important to take steps now to immunize it so your device won’t suffer. In a previous blog, “IoT Zombies are Eating the Internet,” we dug into recent…
IoT Zombies are Eating the Internet

IoT Zombies are Eating the Internet

By Alex deVries and Tim Skutt Distributed denial of service (DDoS) attacks have always been a problem for popular hosted sites, but the ones from the last few weeks are different. The first one to make the news was Brian Krebs’ krebsonsecurity.com, one of the most comprehensive security news sites today. The DDoS attack was on the order of 620Gbps,…
Mitigating the IoT Attack Surface

Mitigating the IoT Attack Surface

By Neil McLellan  Modern day use cases for “IoT-like” applications date back to the earliest days of manned space flight for monitoring astronaut vital signs and shuttle telemetry – mission critical data points transmitted across a dedicated network. Beyond dedicated and specialized networks, technology once leveraging PSTN has now converged on the global IP network. The public internet has evolved…
Automotive networks can benefit from security layers

Automotive networks can benefit from security layers

By Tim Radzykewycz Last year, at the Black Hat conference in Las Vegas, Charlie Miller and Chris Valasek reported their security research on a Jeep Cherokee.  They were able to remotely break into the system and take control of steering, brakes, and other safety critical systems on the vehicle, as well as systems not normally considered safety critical such as…
From Mars to Earth, Wind River Is Applying Three Decades of Experience to Thwart Vehicle Hacking

From Mars to Earth, Wind River Is Applying Three Decades of Experience to Thwart Vehicle Hacking

By Marques McCammon Imagine you’re driving a two-ton SUV that’s traveling 70 miles-per-hour on the highway when suddenly, beyond your control, the air-conditioner fan starts blasting, the radio blares, windshield wipers whoosh back-and-forth and then the engine shuts down just as you approach a steep incline. That’s what happened last summer to Wired's Andy Greenberg when cyber security researchers remotely commandeered…
The Role of System Updates in IoT

The Role of System Updates in IoT

By Tim Radzykewycz In the brave new world that the Internet of things (IoT) is shaping, operational technology (OT) and information technology (IT) are quickly converging. Up until now, IT was seen as defining a restricted range of technologies pertaining to information processing, mainly generating and communicating data. OT was the domain of machinery, mainly physical equipment that was doing…
Develop. Deploy. Defend.

Develop. Deploy. Defend.

By Davide Ricci The factory floor is geting a makeover with intelligent connected devices. The server room is no longer a stuffy place. A majority of enterprises are strategically on the Internet of Things (IoT) path, and the developer ecosystem is rapidly changing as well.  It seems we’re well on the way to reach industry forecast of 200 billion connected…
Sealing data with TPM on VxWorks

Sealing data with TPM on VxWorks

    By Ka Kay Achacoso VxWorks support for data protection makes use of the Trusted Platform Module (TPM), a secure cryptoprocessor used to establish root of trust in security systems.  TPMs can be used in several security processes, including local attestation and remote attestation.  This blog entry focuses on a different aspect:  using a TPM as a root of…
Aviation Electronics Europe 2016

Aviation Electronics Europe 2016

By Paul Parkinson Recently, I attended the Aviation Electronics Europe 2016 conference, which was held in Munich again after the successful conference in 2015. The theme of this year’s conference was ‘International Avionics Challenges – Integrating the Single Sky’, and there were a number of presentations about the advances in aeronautical communications, navigation and surveillance systems (CNS) to enable air…
Security Vulnerabilities with Fingerprinting: Linux Considerations

Security Vulnerabilities with Fingerprinting: Linux Considerations

By  Tim Radzykewycz Various tools, such as nmap, can be used to help determine what operating system a particular computer is running, based on the network responses it generates to crafted network probes. This is called “fingerprinting.” Fingerprinting is a security concern.  It doesn't make it possible to exploit anything that isn't already exploitable.  However, it significantly trims the search…