With the upcoming end of the year holidays, this will be the last newsletter for 2024. The next newsletter will be on January 10th, 2025. To everyone, thank you for your continuing readership and wishing you all the best in the New Year!
A bi-weekly newsletter on IoT with a bent towards cybersecurity. If you find this interesting, I’d really appreciate it if you could share the love and pass it on to others who might enjoy it as well!?
- Latest AI regulatory activity from China? Baidu, Alibaba, Tencent execs among Big Tech members on new China AI standards committee (South China Morning Post)
- IoT cybersecurity regulations now in force? D-Day for the EU Cyber Resilience Act (JDSupra)
- “The agency also released almost 1,300 cyber defense alerts and advisories through the Joint Cyber Defense Collaborative during fiscal year 2024”? CISA’s pre-ransomware alerts nearly doubled in 2024 (Cybersecurity Dive)
- “TSA’s NPRM would impose cybersecurity requirements on designated critical surface transportation sectors—including pipelines, freight railroads, passenger railroads, and bus operators—adapted from the cybersecurity framework developed by the National Institute of Standards and Technology and the cross-sector cybersecurity performance goals developed by the Cybersecurity and Infrastructure Security Agency (CISA)”? TSA rule would require cyber risk management for railroads, buses, and pipeline operators (JDSupra)
- “U.S. authorities have repeatedly warned the water industry that state-linked hacktivist groups and financially-motivated threat groups have targeted the water industry” ?US subsidiary of global water treatment firm probes November cyberattack after data encrypted (Cybersecurity Dive)
- Latest concern for water system? US Water Facilities Urged to Secure Access to Internet-Exposed HMIs (Security Week)
- “According to Claroty, the IOCONTROL malware is a cyberweapon used by Iran to attack civilian critical infrastructure”? Iranian Hackers Use IOCONTROL Malware to Target OT, IoT Devices in US, Israel (Security Week)
- “Australia – as a member of the Five Eyes intelligence sharing alliance – aims to move more quickly than NIST … by declaring that various legacy cryptographic algorithms "will not be approved for use beyond 2030"? Australia moves to drop some cryptography by 2030 – before quantum carves it up (The Register)
- Increase of credit risk is also a side effect of cybercrime? Credit risk rising as attackers strike larger companies: Moody’s (Cybersecurity Dive)
- And you might not be able to rely on your cyber insurance as much as you thought? Why your cyber insurance may not cover everything: Finding and fixing blind spots (SC Media)
- It’s concerning that the a major auto industry cybersecurity group is relying on volunteers to help with supply chain cybersecurity issues? VW Cybersecurity Manager Seeks Strength in Numbers (Bloomberg $)
- Not surprisingly AI is the top but cybersecurity doesn’t make the list, although regulation does? Ten IoT predictions for 2025 – from Transforma Insights (RCR Wireless News)
- More spectrum for IoT? FCC Opens Entire 6-GHz Band to Very-Low-Power Device Operations (TV Technology)
- And yet another wireless standard for IoT? 100mn Wi-Fi HaLow devices to enter the market by 2029 (New Electronics)
- Some good news, especially since IoT devices are often hijacked into bot nets? Dozens of popular DDoS sites raided ahead of potential Christmas attacks (The Record)
- Recent embarrassing IoT cybersecurity slipups
- Botnet of 190,000 BadBox-Infected Android Devices Discovered (Security Week)
- Germany Sinkholes Botnet of 30,000 BadBox-Infected Devices (Security Week)
- Researchers find security flaws in Skoda cars that may let hackers remotely track them (TechCrunch)
- Hackers Can Jailbreak Digital License Plates to Make Others Pay Their Tolls and Tickets (Wired)
Thank you for reading! Comments and other feedback welcome at [email protected]
