The VDOO Blog
All you need to know about IoT security
Subscribe to VDOO newsletter
July 14, 2020
Device Security Newsletter - July 2020
Discover one of the most interesting vulnerabilities of the year and many more of the latest device attacks, vulnerabilities and regulations in the latest edition of our device security newsletter.
16 min read
July 1, 2020
Medical Device (IoMT) Cybersecurity 101
In this article, we look into some considerations which place the Internet of Medical Things (IoMT) apart from other verticals and describe some of the best ways to address the resulting compliance needs with automated tools
26 min read
June 17, 2020
The Case of BusyBox Wget: A Long Overdue Fix
To address the poor security state of the connected device market developers need to implement reasonable security measures which can establish a first line of defense, instead of sacrificing security in favor of functionality and releasing insecure code.
11 min read
June 9, 2020
Device Security Newsletter - June 2020
May brought with it very interesting attacks and vulnerabilities. Read on to learn about a Bluetooth vulnerability that threatens billions of devices, unique Linux malware, source code leaks, new IoT labels, and much more
14 min read
June 3, 2020
NERC CIP Industrial Cybersecurity Standards: What You Need to Know Before the Deadline
Industrial device and software vendors beware - new cybersecurity standards are coming into effect in just a few months with the regulatory enforcement capabilities required to impose heavy monetary fines on violators.
14 min read
May 24, 2020
What Can Be Learned from the Recent HKSP Vulnerability
Even highly experienced developer groups that directly deal with software security may introduce very simple and easily exploitable bugs. A procedure must be put in place that requires a complete examination and security assessment of the full product.
7 min read
May 18, 2020
Device Security Newsletter - May 2020
Dark Nexus is the name of a new emerging IoT botnet that is used to launch DDoS attacks. The botnet spreads using exploits and launching credential stuffing attacks against a broad range of IoT devices including routers, video recorders and thermal cameras
13 min read
May 6, 2020
Smarter Black-box Fuzzing of Industrial Communication Protocols
Industrial control systems (ICS) can become a significant vulnerability for major large-scale industrial enterprises. Attacks that utilize them can yield incredible physical damage, which malicious actors can leverage for financial or political gain.
27 min read
April 22, 2020
Head-to-Head: Penetration testing vs. vulnerability scanning
We compare several approaches to the verification phase of the embedded device's security process: manual QA, pen-testing, certification, and automated scanning
23 min read