Internet of Things security is a misnomer. By default, the connected things that have entered our mass market electronics devices have gaping security flaws. Device manufacturers, OEMs, and consortiums are collaborating and building frameworks and specifications for securing IoT devices and endpoints that they connect to.
On an increasingly massive scale, cybercriminals are repurposing connected Internet of Things (IoT) devices installed within our homes. These hackers use malware to enlist our smart thermostats, speakers, lights, and more as soldiers for their botnet armies – used in coordinated massive attacks causing security breaches that threaten the integrity of the internet.
The meteoric growth of the IoT industry has forced vendors to prioritize impressive top line features and cost efficiency, leaving security as an un-sexy afterthought.
IoT, Botnets, and DDoS attacks are on the rise and a significant problem for the internet, as well as your personal data. This blog outlines the risks, types of attacks, and even provides preventative measures for improved network and device security to keep you, your networks, and your IoT devices safe.
zvelo, the leading provider of website and device categorization, unveils zveloAPI™, an ultra-fast, secure API, for accessing the zveloDP datasets through cloud-based queries and streaming data feeds.
Recent events serve as the best example of how the context of security has shifted from the once server-centric model to that of a decentralized threat landscape. From the Heartbleed attacks to the widespread Internet Explorer vulnerabilities and finally the sensationalized OAuth issues, it appears that even organizations with a hardened perimeter infrastructure are just as vulnerable as an end-user at home.
zveloLABS detected a suspicious-looking email purporting to come from the Electronic Federal Tax Payment System (EFTPS) of the U.S. Treasury Department. This email is fraudulent and claims that “Your Federal Tax Payment ID has been rejected.” The payment rejection is falsely attributed to the use of an invalid identification number. Here is an example of the actual phishing email (see image 01), followed by some observations that should raise red flags about its validity.