Vulnerable TCP/IP stack is used by almost 200 device vendors

Researchers have discovered 14 new vulnerabilities affecting the proprietary NicheStack (aka InterNiche) TCP/IP stack, used in OT devices such as the extremely popular Siemens S7 PLCs. “Other major OT device vendors, such as Emerson, Honeywell, M… Continue reading Vulnerable TCP/IP stack is used by almost 200 device vendors

Vulnerabilities in widely used TCP/IP stacks open IoT, OT devices to attack

Forescout researchers have discovered nine vulnerabilities affecting nine different TCP/IP stacks widely used in IoT and OT devices. The vulnerabilities are due to weak Initial Sequence Number (ISN) generation, and could be exploited to mount limited D… Continue reading Vulnerabilities in widely used TCP/IP stacks open IoT, OT devices to attack

Vulnerable TCP/IP stacks open millions of IoT and OT devices to attack

Forescout researchers have discovered 33 vulnerabilities affecting four open source TCP/IP (communications) stacks used in millions of connected devices worldwide. Collectively dubbed Amnesia:33 because they primarily cause memory corruption, these vul… Continue reading Vulnerable TCP/IP stacks open millions of IoT and OT devices to attack

‘Amnesia:33’ TCP/IP Flaws Affect Millions of IoT Devices

A new set of vulnerabilities has been discovered affecting millions of routers and IoT and OT devices from more than 150 vendors, new research warns. Continue reading ‘Amnesia:33’ TCP/IP Flaws Affect Millions of IoT Devices

Researchers aim to improve code patching in embedded systems

Three Purdue University researchers and their teammates at the University of California, Santa Barbara and Swiss Federal Institute of Technology Lausanne have received a DARPA grant to fund research that will improve the process of patching code in vul… Continue reading Researchers aim to improve code patching in embedded systems

Millions of routers running OpenWRT vulnerable to attack

A vulnerability (CVE-2020-7982) discovered in the package manager of the OpenWRT open source operating system could allow attackers to compromise the embedded and networking devices running it. About OpenWRT OpenWRT is an open source, Linux-based opera… Continue reading Millions of routers running OpenWRT vulnerable to attack

Mixed-signal circuits can stop side-channel attacks against IoT devices

Purdue University innovators have unveiled technology that is 100 times more resilient to electromagnetic and power attacks, to stop side-channel attacks against IoT devices. Securing IoT devices against side-channel attacks Security of embedded device… Continue reading Mixed-signal circuits can stop side-channel attacks against IoT devices

Embedding security, the right way

As organizations proceed to move their processes from the physical world into the digital, their risk profile changes, too – and this is not a time to take risks. By not including security into DevOps processes, organizations are exposing their busines… Continue reading Embedding security, the right way

Total global shipments of secure embedded hardware to double by 2023

Accelerating demand for embedded security in industrial and automotive segments is driving the market for technologies such as secure microcontrollers (MCU) and trusted platform modules (TPM). ABI Research forecasts that total global shipments of secur… Continue reading Total global shipments of secure embedded hardware to double by 2023