IoT (Internet of Things) vendors are lagging behind in making it possible for security researchers to report bugs. Only 27.1% currently have a vulnerability disclosure policy, as shown in the latest annual report from the IoT Security Foundation (IoTSF). This complacency could be a major risk for consumers, and contravene recently enacted UK regulations that require such policies, with stiff penalties for non-compliance. Vendors based in Asia are more advanced in this area, with over twice as many having proper disclosure programs compared to European suppliers.
‘Internal business directory’ accessed during cyber incident: NB Liquor – country94.ca
During a cyber incident, NB Liquor’s internal business directory was accessed by unauthorized individuals. The incident was confirmed by the company, stating that sensitive employee
