Forescout Research Labs and JSOF researchers have discovered nine security flaws in four commonly used TCP/IP stacks that make 100+ million devices vulnerable to attack. The set of flaws, dubbed Name:Wreck, mainly impact Internet of Things (IoT) products and IT management servers. The TCP/IP stacks that integrate network communication protocols to connect devices and the Internet are found in operating systems such as the open-source FreeBSD and Siemens’ Nucleus NET. An attacker could crash a device, take it offline or gain control of it. Continue reading Millions of IoT Devices Open to Attack Due to Security Flaws

The Internet of Things is more vulnerable than previously proven. Up until now the most common attack via IoT device has been to enlist thousands of them into botnets. Another method of attack is to find entry via a weak IoT device to conduct a ransomware attack. Now, IoT security firm Senrio has demonstrated that attackers can jump from one IoT device to another, without moving through PCs and servers, making their path even harder to discover. In other words, one vulnerable IoT device can create network disruption. Continue reading Unregulated IoT Devices Now Entry Point for Elaborate Hacks