IoT (Internet of Things) vendors are lagging behind in making it possible for security researchers to report bugs. Only 27.1% currently have a vulnerability disclosure policy, as shown in the latest annual report from the IoT Security Foundation (IoTSF). This complacency could be a major risk for consumers, and contravene recently enacted UK regulations that require such policies, with stiff penalties for non-compliance. Vendors based in Asia are more advanced in this area, with over twice as many having proper disclosure programs compared to European suppliers.
US charges suspected LockBit ransomware developer
The US Department of Justice has charged Rostislav Panev, alleged developer for the LockBit ransomware group, with 41 counts including wire fraud and extortion. Panev,