CSA releases IoT security guide

An in-depth security guidance report aimed at Internet of Things developers has been released by the Cloud Security Alliance.

Titled Future-proofing the Connected World: 13 steps to developing secure IoT products, the report offers practical and technical guidance to devs trying to secure networks of IoT devices.

“An IoT system is only as secure as its weakest link,” wrote Brian Russell, chair of the CSA’s IoT working group. “This document is our attempt at providing actionable and useful guidance for securing the individual products that make up an IoT system.”

Split into comprehensive sections, the guide covers the need for IoT security; why dev organisations should care about securing IoT networks; device security challenges; and detailed guidance for secure IoT development, including everything from tips on implementing a secure dev environment to designing in hardware security controls and securing your firmware updates. A “detailed checklist for security engineers to follow during the development process” is also included.

Source: Devs! Here’s how to secure your IoT network, in, uh, 75 easy pages

Hubble detects giant ‘cannonballs’ shooting from star

NASA’s Hubble Space Telescope has detected superhot blobs of gas, each twice as massive as the planet Mars, being ejected near a dying star. The plasma balls are zooming so fast through space it would take only 30 minutes for them to travel from Earth to the moon. This stellar “cannon fire” has continued once every 8.5 years for at least the past 400 years, astronomers estimate.

Source: Hubble detects giant ‘cannonballs’ shooting from star

Never explain, never apologize: Microsoft silent on Outlook.com email server grief

A tweak to Microsoft’s Outlook.com cloud service has blocked a good number of people from accessing their messages.

Specifically, the baffling and unannounced change affects Outlook.com users with connected accounts: these are email accounts hosted on third-party servers (such as a company’s private server or an ISP’s mail server) that are accessed via the Outlook.com cloud. People with this setup are no longer able to send or receive mail through Redmond’s webmail service.

Source: Never explain, never apologize: Microsoft silent on Outlook.com email server grief

MS cloud services are doing their best to piss people off!

Is this the real life? Is this just fantasy? Spotify serving malware, no escape from reality

The problem occurred with Spotify Free, which lets people stream music gratis in exchange for being played and shown adverts. One advertiser sneakily embedded nasty software code into its Spotify ads that hijacked browsers on macOS and Linux systems.

We’re told the ads caused the computers’ default browsers to open up dodgy websites that then attempted to install malware or steal victims’ passwords.

“OS X and Linux users claim to have been hit with redirects to phishing and tech support scams,” said Pieter Arntz, a malware intelligence researcher at Malwarebytes Labs.

Source: Is this the real life? Is this just fantasy? Spotify serving malware, no escape from reality