Apptimate | Insights
3120
page-template,page-template-blog-masonry,page-template-blog-masonry-php,page,page-id-3120,page-child,parent-pageid-3161,dwpb-push-page,dwpb-allow-close,ajax_fade,page_not_loaded,,select-child-theme-ver-1.0.0,select-theme-ver-3.8.1,wpb-js-composer js-comp-ver-5.1.1,vc_responsive

Insights

The web is just steaming with blogs, company pages, news, etc, about things that interest us.

Since we are all about making things easy we collect interesting news and findings and add our point of view.

Please follow our curated channels on scoop.it:

Security in Internet of Things, Secure CommunicationPrivacy Protection and Mobility for Enterprise.

GDPR and the Cloud: 6 Key Points You Need to Know | CipherCloud

See on Scoop.itSecure communication

The clock is ticking and the GDPR is coming to a jurisdiction near you. Although it was created by the EU, most businesses most businesses realiz

Apptimate‘s insight:

ENISA (The European Union Agency for Network and Information Security) have put out specific guidance on how to implement it properly for the GDPR:

The encryption/embedding and decrypt/recovery operations must be carried out locally, because the keys used in them must remain in the power of the user if any storage privacy is to be achieved. Outsourced bulk data storage on remote “clouds” is practical and relatively safe, as long as only the data owner, not the cloud service holds the decryption keys.

 

The way apptimate.io does it. Simple implementation of end-to-end payload encryption making you GDPR compliant, at least when it comes to the data protection part.

Edward Snowden explains exactly how the CIA would hack your Samsung TV

See on Scoop.itPrivacy Protection

To hack into your Samsung TV, the CIA isn’t breaking into your house. They’re hacking it when you order on Amazon. 

That’s what Edward Snowden pointed out during an interview on Tuesday with The Intercept. The interview was taped live at SXSW for the podcast Intercepted

Apptimate‘s insight:

Interception of shipped goods is a common practice to install different types of wiretaps and hacks. Snowden explains how the Samsung TV hack can be done during such an interception. And, as he says, this is old stuff. Interception of computers in delivery to install backdoors and malware has been around longer than online shopping.

The Future Is in Fog Computing – DZone IoT

See on Scoop.itSecurity in Internet of Things

This overview of fog computing covers its general makeup and workings, its use to make IoT data more accessible, and how it stacks up against cloud computing.

Apptimate‘s insight:

Fog computing is a necessary architecture for latency and QoS reasons, for instance. It solves many problems, but it also make security more complex, depending on how data flows and are stored in the whole system or application. Payload Encryption, distributed authentication, etc. are necessary tools to implement.

Consumers are wary of smart homes that know too much

See on Scoop.itSecurity in Internet of Things

Nearly two-thirds of consumers are worried about home IoT devices listening in on their conversations, according to a Gartner survey released Monday.

Apptimate‘s insight:

Consumers believe that, for instance, connecting home appliances to each other and the internet can make life easier and homes more efficient. But, it’s not worth the privacy risk. Manufacturers must listen to this, read what’s been “WikiLeaked” about the CIA and start taking actions.

The CIA just lost control of its hacking arsenal. Here’s what you need to know.

See on Scoop.itSecurity in Internet of Things

WikiLeaks just released internal documentation of the CIA’s massive arsenal of hacking tools and techniques. These 8,761 documents — called “Vault 7” — show how their operatives can remotely monitor…

Apptimate‘s insight:

Anything connected, especially insecure IoT devices, can and will be exploited by governments, friend or foe, or cyber criminals. That’s why we cannot introduce backdoors in encryption. It would invite just about anyone into your private life, causing whatever harm they would like. Every IoT device is an open door if it’s not built with security as top priority from start. Adding security later is like painting the pig. The harm might already be done.

New cybersecurity report gets the hacker perspective

See on Scoop.itSecure communication

A cybersecurity report used a hacker survey to detail how adversaries think about attacking enterprise and how to best secure an environment.

Apptimate‘s insight:

“Some countermeasures that you think will to stop an attacker won’t even slow them down. Other defensive techniques that you think are totally arbitrary actually have a tremendous impact on your defensive posture”

Snowden Issues Warning — Do Not Use Google’s Messaging App Under Any Circumstances – Anonymous

See on Scoop.itPrivacy Protection

Edward Snowden has warned people not to use Google’s new chat app, because it lets the company read everything that they say.app Google has finally released its new chat app after showing it off over the summer. It comes with a robot that watches everything people say and then stores it for later analysis, using […]

Apptimate‘s insight:

Google Allo, the publishing app disguised as a chat app. With eternal history. Good for anyone researching YOU.

Dot Ransomware: Yet another Commission-based Ransomware-as-a-Service

See on Scoop.itSecure communication

The simplistic and straight-forward design of Dot ransomware enables just about anyone to conduct cybercrime. With all the support for bug fixes and developments, it’s astonishing to think that these malware services have evolved using traditional business models. Moreover, it allows cyber criminals to easily start a RaaS business with the free additional safety of an online anonymity framework from Tor service and Bitcoin.

Apptimate‘s insight:

Ransomware-as-a-Service makes it easy for anyone to become a cyber criminal

Why are public WiFi networks insecure?

See on Scoop.itSecure communication

If you follow tech and cybersecurity news, this is something that you see a lot: Public WiFi networks, the free wireless networks found at hotels, airports and cafes, are unsafe and can cut you some major cyberslack. As is the case with most threats, when something is publicized a lot, people tend to become less…

Apptimate‘s insight:

The problem is that most applications put their trust in the network and the servers, hubs, etc it communicates over. This works (mostly) when you are protected by a firewall on a private network, but never in the open. And even worse, it doesn’t work when your private network has been penetrated. 

 

A modern security architecture assumes zero trust in the network and users. Applications must take over the security responsibility, including payload encryption and strong user authentication mechanisms. 

How can we build a secure IoT world? – Help Net Security

See on Scoop.itSecurity in Internet of Things

The Internet of Things, as it is now, is a minefield of security issues that are just waiting to be exploited. How can we build a secure IoT world?

Apptimate‘s insight:

NB-IoT and 5G raise the following security requirements:

  • Unified and distributed authentication of IoT endpoints characterized by high concurrency and decentralization
  • Adaption to NFV software, automatic deployment, and dynamic programmability
  • End-to-end encryption and new lightweight encryption algorithms in an open environment
  • Cross-layer detection on attacks launched using devices of different vendors, and cooperation of multiple security functions

Hacking robots: Why it could be a lot easier than it should be | ZDNet

See on Scoop.itSecurity in Internet of Things

Security researchers say they have found a number of security flaws across a range of robots.

Apptimate‘s insight:

“It’s the same with IoT; some vendors are starting to worry about security, but we still see a lot of new products coming out with the same old security problems. It’s the same old story we’ve see with the car industry, IoT and medical devices“.

 

Start implementing encryption and authentication using the best available standards. Security is still difficult to get right but it is not about re-inventing the wheel. It’s about using best practices.

It’s raining. It’s pouring. This fake weather app is stealing your credentials

See on Scoop.itSecure communication

A new Android banking trojan poses as a legitimate weather forecast app in an effort to steal users’ banking credentials.

Apptimate‘s insight:

Good Weather for Android is bad for you. When trying a new app you should be very conscious about what credentials it is asking for. If it is looks strange, it probably is! A serious developer will never ask for anything their app doesn’t need.

Germany, France lobby hard for terror-busting encryption backdoors – Europe seems to agree

See on Scoop.itSecure communication

Crypto shouldn’t hold back cops, sniffs commission

Apptimate‘s insight:

“As has been pointed out many times, it isn’t mathematically or technologically possible to build a backdoor into encryption that is completely exclusive to a select set of people, and can’t be found and exploited by others.”

 

As a politician you can wish for a lot of things, but if it is mathematically impossible, it is. You cannot put legal requirements on using time travelling to prevent crimes either. Sci-Fi is Sci-Fi. Math is math.

This Android Trojan pretends to be Flash security update but downloads additional malware | ZDNet

See on Scoop.itSecure communication

Malware tricks users into opening Android Accessibility menu, enabling the attacker to mimic the user’s clicks and select anything displayed on their screen.

Apptimate‘s insight:

This kind of phishing technique can only be stopped by users being skeptic. Never click on a link that pops up, disregarding how legitimate it looks. Always go to the supplier web page to download the suggested update. Always check the URL of a link.

How to secure your IoT deployment in 10 steps | ZDNet

See on Scoop.itSecurity in Internet of Things

Seemingly every day there’s another story about Internet of Things (IoT) devices being compromised or used for large-scale attacks. Here are 10 steps to ensure that your deployment remains secure.

Apptimate‘s insight:

IoT security common sense broken down into 10 steps. Do you follow this? Do you have security common sense? If, not, you have some training to do.

Proof-of-concept ransomware to poison the water supply

See on Scoop.itSecurity in Internet of Things

Researchers have described how ransomware could potentially attack industrial control systems (ICS), and demonstratied how new malware threats might target core infrastructure, holding entire cities hostage.

Apptimate‘s insight:

Ransomware is all about extortion with the highest value when it threatens lives. So, of course, insecure IoT will be targeted.

Pwnd Android conference phone exposes risk of spies in the boardroom

See on Scoop.itSecure communication

Researchers could listen in on meetings and plant backdoors

Apptimate‘s insight:

Cybersecurity is very much an iterative process. Patching and updating is a day-to-day chore for product suppliers. Patching but sticking to old version OS with documented vulnerabilities is not good enough in the long run. Sometimes you run out of band-aids and need to operate on a patient.

3 precautions to make your customer data ‘unbreachable’

See on Scoop.itSecure communication

One of the biggest concerns businesses have in today’s information-centric landscape is the threat of a breach that leads to the loss of valuable data. Unfortunately, cybersecurity breaches are becoming increasingly common and more severe. Here are the 3 precautions you can take to keep your business safe.

So what can you do to help prevent this from happening to you?

Here are three major precautions to consider.

Apptimate‘s insight:

The cornerstones of protecting your users are security processes, encryption and staff training.

IoT: Case studies on fog computing and the Intel IoT Kit

See on Scoop.itSecurity in Internet of Things

Deploying an IoT gateway with strong processing capabilities not only makes it possible to get various “things” connected, it also enables much of the analytics to happen where these things are located.

Apptimate‘s insight:

Increased complexity means more attack surfaces. Edge computing is the way to go for IoT, but it requires the right security mechanisms. You cannot trust the network but have to take charge of the security and privacy issues in the application, through, for instance, end-to-end payload encryption.