Researchers blame a 700% spike in IoT-specific malware attacks in part on personal device usage such as digital home assistants, media players and smart TVs.
The attack pairs a new vulnerability with older flaws that can be leveraged in new ways to attack a popular controller used across critical infrastructure sectors.
Most providers are aware of the importance of medical device security. But that acknowledgement hasn’t translated into stronger processes for inventory or response.
A lack of real-time data on inventories, connections, and device communications, combined with reliance on legacy platforms and slow patch management processes have resulted in many providers leaving the door open to attackers.
The half-dozen flaws are found in all versions of the ZOLL Defibrillator Dashboard prior to 2.2. It would take a low-skill level to exploit and could enable an attacker to gain access to credentials or impact the confidentiality, integrity, and availability of the application.
Many Android device OEMs may have offerings with similar flaws, any of which could provide an avenue in to home networks and even enterprise resources.
ReFirm provides drag-and-drop automated firmware analysis, which Microsoft hopes will provide security insight for industrial IoT products, where security personnel often struggle to look inside built-in hardware.
Fast Five
Selected by the SC Media Editorial team every Tuesday.
Sign up now for the top five issues cybersecurity pros need to know this week.
