Tag Search: The Internet
Members of the US Senate and House of Representatives introduced the Internet of Things Cybersecurity Improvement Act on Monday, hoping to bring legislative action to the emerging technology. From a report: Connected devices are expected to boom to 20.4 billion units by 2020, but they don't all have the same levels of security. Hackers often target IoT devices that don't have built-in security, leading to problems like default passwords and vulnerabilities that can't be fixed. [...] Lawmakers are looking to fix that with the bill, which would require a bare minimum of security standards for any IoT devices that the federal government uses. "While I'm excited about their life-changing potential, I'm also concerned that many IoT devices are being sold without appropriate safeguards and protections in place, with the device market prioritizing convenience and price over security," Sen. Mark Warner, a Democrat from Virginia, said in a statement.
Remember when dozens of Americans said their names were used for fake comments sent to America's FCC opposing net neutrality? Now Gizmodo's taken a hard look at their past interviews with Dan Germain, the CTO of a company that helps lobbyists construct digital "grassroots" campaigns -- and at the conservative nonprofit Center for Individual Freedom (CFIF). Attempting to confirm or disprove the alleged link between CQ and CFIF, Gizmodo initiated its own review of the API data logs last week, focusing on comments from dozens of people who claim they were impersonated online.... [T]imestamps contained in the API logs reveal an unmistakable correlation between the use of CQ's API key and numerous identical comments containing CFIF's text... By comparing the API logs to comment data that the FCC had already made publicly available, Gizmodo found more than a dozen comments containing CFIF's boilerplate language... In each successful case, the comments were received by the FCC while CQ's API key was in use, with the logs reflecting deviations in the timestamps roughly equivalent to the blink of an eye... Prior to CQ becoming a subject of interest in an ongoing criminal investigation, Germain explained at length that his company had created a platform specifically to direct comments to the FCC and that it had been operational since at least 2016.... Whereas many of the groups responsible for uploading millions of comments requested only one or two API keys, logs show that CQ, over a period of several months, requested no fewer than 114. The article notes that identical comments using language from CFIF "are now suspected of having been uploaded using CQ' software" -- and that they were submitted to the FCC "several hundred thousand times."
The FBI is advising users of consumer-grade routers and network-attached storage devices to reboot them as soon as possible to counter Russian-engineered malware that has infected hundreds of thousands devices. Ars Technica reports: Researchers from Cisco's Talos security team first disclosed the existence of the malware on Wednesday. The detailed report said the malware infected more than 500,000 devices made by Linksys, Mikrotik, Netgear, QNAP, and TP-Link.