Router and IoT Vulnerabilities: Insecure by Design

Tags: , , , , , , , , , , , , , , , |

When directed to manage an IoT device or router using a browser, passwords and all communications are typically passed over an unencrypted connection. This is a security vulnerability which needs attention.

UK Government Update on Plans for Consumer IoT Security Regulation

Tags: , , , , , , , , , , , |

Today, UK's Department for Digital, Culture, Media and Sport (DCMS) published its response to the Secure by Design call for views in its quest to change the law to make ‘smart’ products - like televisions, cameras and household appliances that connect to the Internet - more secure for consumers to use.

IoTSF ManySecured Special Interest Group

Tags: , , , , , , , |

With the support of the ManySecured project partners, the  IoT Security Foundation has created a Special Interest Group (SIG) to facilitate Interoperable Security through Collaboration with stakeholders in the IoT ecosystem value chain.

Introducing Crypto Quantique

Tags: , , , , , |

As a new member of the IoT Security Foundation, we asked the CEO of Crypto Quantique, Dr Shahram Mossayebi, to tell us how they are offering silicon vendors a unique hardware IP solution and complementary software platform to solve a number of security challenges including scalability, identity and cost.

The IoT Security Foundation and FIDO Alliance Announce Collaboration to Eliminate Passwords in IoT

Tags: , , |

Today, the IoT Security Foundation (IoTSF) and FIDO Alliance announced that they are collaborating to improve the status of IoT security.

IoT Security Foundation launches co-ordinated vulnerability disclosure platform for IoT industry

Tags: , , , , , , , , , , , , |

An online platform designed to help IoT vendors receive, assess, manage and mitigate vulnerability reports has been launched by the IoT Security Foundation (IoTSF). VulnerableThings.com aims to simplify the reporting and management of vulnerabilities whilst helping IoT vendors comply with new consumer IoT security standards and regulations.

Just 13% of Consumer IoT Firms Allow Vulnerability Reporting Despite Incoming Laws and International Standards

Tags: , , , , , , , , |

An analysis of 330 consumer IoT device manufacturers has revealed five of every six companies (86.7%, 286) don’t allow for vulnerability reporting. This would see them fall foul of new international standards and recently announced plans for a British IoT security law; as well as proposed Australian code of practice and recommendations from the US Dept of Homeland Security.

IAR Systems & Secure Thingz Announced as IoTSF Conference Headline Sponsors

Tags: , , , , , |

Release Date: 12th November 2019 The IoT Security Foundation (IoTSF) is pleased to announce that IAR Systems and Secure Thingz are the headline sponsors for the 5th Annual IoTSF Conference. The IoT Security Foundation Conference is a one-day event that will entertain and educate 300+ delegates with best practice, next-practice and

IoTSF Supports New Global Consumer Cybersecurity Standard with Self Certification

Tags: , , , , , , , , , |

ETSI TS 103 645 and IoTSF Mapping Document Released February 19th, 2019 Today, the ETSI Technical Committee on Cybersecurity (TC CYBER) has announced a global standard for cybersecurity in the Internet of Things. ETSI TS 103 645 is a high-level, baseline standard for Internet-connected consumer products which addresses the exploitation of poor security and consumer