Vulnerable TCP/IP stacks open millions of IoT and OT devices to attack
Forescout researchers have discovered 33 vulnerabilities affecting four open source TCP/IP (communications) stacks used in millions of connected devices worldwide. …
embedded systems
Researchers aim to improve code patching in embedded systems
Three Purdue University researchers and their teammates at the University of California, Santa Barbara and Swiss Federal Institute of Technology Lausanne have received a DARPA …
Millions of routers running OpenWRT vulnerable to attack
A vulnerability (CVE-2020-7982) discovered in the package manager of the OpenWRT open source operating system could allow attackers to compromise the embedded and networking …
Mixed-signal circuits can stop side-channel attacks against IoT devices
Purdue University innovators have unveiled technology that is 100 times more resilient to electromagnetic and power attacks, to stop side-channel attacks against IoT devices. …
Embedding security, the right way
As organizations proceed to move their processes from the physical world into the digital, their risk profile changes, too – and this is not a time to take risks. By not …
Total global shipments of secure embedded hardware to double by 2023
Accelerating demand for embedded security in industrial and automotive segments is driving the market for technologies such as secure microcontrollers (MCU) and trusted …
200 million enterprise, industrial, and medical devices affected by RCE flaws in VxWorks RTOS
Armis researchers have discovered 11 vulnerabilities (including 6 critical RCE flaws) in Wind River VxWorks, a real-time operating system used by more than two billion devices …
Researchers develop new technique to identify malware in embedded systems
A technique for detecting types of malware that use a system’s architecture to thwart traditional security measures has been developed by researchers from North Carolina …
Mirai variant picks up new tricks, expands list of targeted devices
Mirai, the infamous malware that turns Linux-based IoT devices into remotely controlled bots, has been updated to target new devices and device types. Among these are LG …
Flaw in HID door controllers lets attackers unlock doors, deactivate alarms
Trend Micro researcher Ricky Lawshae has unearthed a critical vulnerability in HID’s VertX and Edge door controllers. Exploiting the flaw is easy, and could result in …
Can poorly designed embedded devices kill?
The industry is not taking safety and security seriously enough, according to the Barr Group, who conducted a survey to better understand the state of safety- and …
More than 900 embedded devices share hard-coded certs, SSH host keys
Embedded devices of some 50 manufacturers has been found sharing the same hard-coded X.509 certificates (for HTTPS) and SSH host keys, a fact that can be exploited by a …
