Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

September 2023

R4IoT: When Ransomware Meets the Internet of Things

Originally published June 1, 2022 In mid-2022, Forescout Research – Vedere Labs developed R4IoT, a proof-of-concept that showed how IoT devices could become entry points for IT and further OT ransomware attacks. The original blog post, below, explains how we came to create R4IoT and why. Our 2023H1 Threat Review included ample evidence that cross-device attacks like R4IoT are now a reality.

The world needs start-ups to meet IoT security challenges

I read this article earlier this week from Jeff Vance and I was buoyed by the refreshing reflection of reality – Jeff really hits the nail on the head. As the CEO of a cyber security start up, we see, hear, and feel these points daily and the fact is that so many larger security or network businesses claim to solve problems that they cannot. Not only is this doing a disservice to customers but to the wider security landscape. Let’s explore this further…

Defensics extends fuzzing capabilities for IoT markets

Internet of Things (IoT) devices are becoming ubiquitous, with billions deployed in the world. And threat actors are constantly looking for vulnerabilities in them because, unlike traditional IT devices, once IoT devices with fixed firmware are deployed, it is often impossible to fix problems. That’s why it is critical to thoroughly test the security and resilience of IoT devices before deployment, using the same methods that hackers use.

A Comprehensive Guide to Identity Access Management (IAM)

Secure your digital landscape and maintain compliance with regulations by embracing an Identity Access Management (IAM) system. In this guide, you will learn the significance of IAM, its key components as well as how to implement it in your organisation and manage access to identity management solutions more effectively – securing sensitive data from unauthorised personnel so that employees can easily gain access to all necessary tools for their job roles.

Security Issues of IoT: Securing Your IoT Device in 2023

The Internet of Things (IoT) has made a huge impact on our lives, connecting homes, workplaces and cities in ways that was once only seen as futuristic. But this connectedness comes with its own set of security challenges which need to be addressed. Are we doing enough to protect ourselves from potential security vulnerabilities now?

What is ZTNA? Benefits and Implementation Explained

Organizations must stay ahead of the ever-changing landscape of cyber threats and embrace Zero Trust Network Access (ZTNA), a modern approach to network security. With ZTNA, granular access control is enforced along with identity-based authentication for secure and efficient networks that protect valuable assets. Are you ready to experience the benefits offered by this revolutionary zero trust implementation of network access?

R4IoT: When Ransomware Meets IoT and OT | Forescout Research

Forescout Research - Vedere Labs has released a demonstration, report and detailed playbook describing how organizations can protect themselves against R4IoT: a novel, proof-of-concept ransomware that exploits an IoT device to gain access and move laterally in an IT network and impact the OT network. This demonstration is backed by rigorous research into IT, OT and IoT asset vulnerabilities as well as current ransomware trends.

What Is IoT Security?

Internet of Things (IoT) security protects IoT devices and the networks to which they connect from cyberattacks. IoT devices can include anything that connects to your internet including doorbell cameras, baby monitors, smart bulbs and thermostats. This presents a cybersecurity risk because anything that can connect to your internet is at risk of being hacked.

What Is Zero Trust? Top Benefits & How It Works

Organizations are tasked with the continuous challenge of having to keep up with advancing cyber threats and must change their security strategies for them to remain secure. Zero Trust Security is a response that demands identity validation from all users, devices, and networks, thus eliminating implicit trust altogether.