Network World

Ripple20 TCP/IP flaws can be patched but still threaten IoT devices

Network World - Wed, 06/24/2020 - 5:43pm

A set of serious network security vulnerabilities collectively known as Ripple20 roiled the IoT landscape when they came to light last week, and the problems they pose for IoT-equipped businesses could be both dangerous and difficult to solve.

Ripple20 was originally discovered by Israel-based security company JSOF in September 2019. It affects a lightweight, proprietary TCP/IP library created by a small company in Ohio called Treck, which has issued a patch for the vulnerabilities. Several of those vulnerabilities would allow for remote-code execution, allowing for data theft, malicious takeovers and more, said the security vendor.

That, however, isn’t the end of the problem. The TCP/IP library that contains the vulnerabilities has been used in a huge range of connected devices, from medical devices to industrial control systems to printers, and actually delivering and applying the patch is a vast undertaking. JSOF said that “hundreds of millions” of devices could be affected. Many devices don’t have the capacity to receive remote patches, and Terry Dunlap, co-founder of security vendor ReFirm Labs, said that there are numerous hurdles to getting patches onto older equipment in particular.

To read this article in full, please click here

Categories: Network World

Microsoft is buying CyberX to bolster its Azure IoT security

Network World - Mon, 06/22/2020 - 5:54pm

Microsoft has announced it will purchase the industrially focused network security vendor CyberX for an undisclosed sum in an effort to bolster the security capabilities of its Azure IoT platform.

The acquisition strikes at the heart of two key IIoT security pain points. While it’s comparatively easy to build new IoT devices that have all the necessary features for seamless security management, older devices running a wildly diverse range of different protocols, which may lack important features like the ability to be patched remotely, are a bigger challenge.

To read this article in full, please click here

Categories: Network World

Machine learning in Palo Alto firewalls adds new protection for IoT, containers

Network World - Wed, 06/17/2020 - 8:22pm

Palo Alto Networks has released next-generation firewall (NGFW) software that integrates machine learning to help protect enterprise traffic to and from hybrid clouds, IoT devices and the growing numbers of remote workers.

The machine learning is built into the latest version of Palo Alto's firewall operating system – PAN 10.0 –  to prevent real-time signatureless attacks and to quickly identify new devices – in particular  IoT products – with behavior-based identification.

To read this article in full, please click here

Categories: Network World

14 IT certifications that will survive and thrive in the pandemic

Network World - Wed, 06/10/2020 - 12:58pm
These tech certifications not only have high value now, but employers will continue to value them as the coronavirus continues.
Categories: Network World

IoT takes aim at social distancing

Network World - Mon, 06/08/2020 - 2:49pm

As many part of the U.S. are at least partially lifting lockdown sanctions prompted by the COVID pandemic, questions about the safety of those moves remain. IoT technology, however, might help alleviate some of those concerns.

The degree to which it’s safe to reopen certain workspaces hinges in large part on how strictly social distancing practices are followed, and IoT technology may have a role to play. Companies like Genetec, a building management and security firm, are rolling out products designed to help businesses manage their facilities during the pandemic.

To read this article in full, please click here

Categories: Network World

IoT takes aim at social distancing

Network World - Mon, 06/08/2020 - 2:49pm
How IoT technology can help enforce social-distancing rules by monitoring occupancy in workspaces.
Categories: Network World