IoT This Week
Consuming and curating the latest news for you.
April 25, 2018

This issue includes: NSA IoT encryption, router security, identify theft of children, the "Dirty Dozen" dangerous places to work, Ford will stop selling cars and much more...


MikroTik, a router which was being heavily targeted by hackers, has patched a zero-day issue which allowed a specific tool to connect to the Winbox port and request the user database file. The attacker would then decrypt the file and login using the user details.

The Online Trust Alliance released the "Enterprise IoT Security Checklist." It's a checklist of 10 best practices.

Lunera is making their Smart Lighting Platform for OEMs available with no hardware or firmware licensing fees. It includes an open, cloud based IoT software platform and a royalty free Smart Module reference design.

The NSA's plan to introduce encryption for the internet of things got shot down by the International Organization for Standardization (ISO). The NSA refused to provide the standard level of technical information.

How Schneider Electric connects devices and prevents outages with the industrial internet of things.

A survey by Broadband Genie revealed that most users have no idea about router security. 86% of the 2,205 respondents said they have never updated their router's firmware. Not surprising at all. 82% have never changed the admin password.


Another company, this one in the UAE, is joining the business model where you hoard iPhone vulnerabilities and sell them to governments and law enforcement. Just a bad, bad idea and ultimately results in the majority of every day users being put at risk.

A study by Javelin Strategy & Research found that more than 1 million children in the US have been affected by identity theft in the last year. Losses are more than $2.6 billion with cost to families at over $540 million.

Nintendo Switch hackers released a jailbreak that is said to be unpatchable due to a bug in the system's processor.

Bromium says that cybercrime profits have increased to $1.5 trillion. It would be the 13th largest GDP if it was a country.

Cryptocurrency mining malware, PyRoMine, also disables your security services using a leaked NSA exploit to spread itself on Windows machines.

The Orangeworm malware is targeting hospital equipment in an effort to steal patient data. It infects x-ray, MRI and other devices in addition to hospital workstations.

If you have the cryptocurrency Ethereum stored using you might want to check your account. The sites DNS was hijacked allowing attackers to gather user credentials by redirecting them to a counterfeit site.


MobileCoin just raised $30 million for mobile payments. This is a creation from the makers of Signal, the secure messaging app.

The Ocean Cleanup organization is starting to deploy their solution for cleaning up the Great Pacific Garbage Patch which consists of massive black tubes welded together.

Amazon is now delivering packages to your car as part of their Amazon Key Service.

Some of Tesla's manufacturing problems are the same ones made by existing car manufacturers back in the 1980s.

The National Council for Occupational Safety and Health has placed Amazon and Tesla in their "Dirty Dozen" list of the most dangerous places to work.

Toyota declined using Android Auto because of concerns about Google collecting information about vehicle speed, throttle position, coolant, engine temperature and engine revs.

Police in Florida failed to use a dead man's finger to unlock his mobile phone.

Ford will apparently stop selling cars in North America except for the Mustang and another vehicle. They will continue to sell trucks and SUVs. Seems to be a good idea to me.

10 countries are using Canadian filtering technology to censor the internet.

Get Involved!

The OWASP IoT Project is currently reviewing the Top Ten list for 2018. Provide your insight and expertise by joining the #iot-security channel meetups on Slack.

Support the IoT This Week Newsletter and Podcast.

twitter linkedin email