The prevalence of Internet-of-Things (IoT) devices makes them a prime target for hackers, due to their often weak built-in security measures. Key vulnerabilities include limited security capabilities, hardcoded passwords, lack of encryption, and poor update mechanisms. Common attacks include botnets, ransomware, and destructionware, which could take control of the device, steal sensitive data, or disrupt vital infrastructure. To protect IoT devices, users are urged to use strong authorization methods, always-on encryption, and regularly apply patches and updates, among other steps. Detecting IoT malware is still a challenge, with electromagnetic signal analysis suggested for future detection methods.
The first UEFI bootkit malware for Linux has been detected, so users beware
ESET researchers have revealed a first-of-its-kind Linux UEFI bootkit, named ‘Bootkitty’, which could pose a significant risk despite being in early stages of development. The
