Voicemod

Voicemod

Real-time voice changer that works with any application and comes equipped with an extensive collection of voices and ambient effects

FULL VERSION + CRACK
Logic Pro X

Logic Pro X

A fully-featured recoding studio that provides a complete set of tools for musicians who need to write, record, edit and mix music

FULL VERSION + CRACK
Internet Download Manager (IDM)

Internet Download Manager (IDM)

Push your Internet connection to the limits and cleverly organize or synchronize download processes with this powerful application

FULL VERSION + CRACK
Flvto Youtube Downloader

Flvto Youtube Downloader

With this simple and intuitive application, you can swiftly download all your favorite online videos to your computer, in just a couple of moves

FULL VERSION + CRACK
Soni Typing Tutor

Soni Typing Tutor

Improve your typing speed with the help of this approachable application that provides you with a host of exercises as well as tests

FULL VERSION + CRACK

IT News

Jun 19
The social media powerhouse plans to launch a blockchain-based financial network and cryptocurrency in 2020 that will allow users to make purchases or transfer funds with just a couple taps on an app.
Jun 18
MongoDB aims to prevent exposed data stores by encrypting data in a way that makes it useless if compromised.
Jun 18
State of CSS 2019 report details which CSS features and tools developers use, which they don't use, and which they prefer
Jun 18
VMware punched up its data center network virtualization capabilities by announcing it would buy Avi Networks load balancing, analytics and application delivery technology
Jun 18
Report: Mirai tries to hook its tentacles into SD-WAN
Palo Alto Networks' security team says an update of the infamous IoT-focused Mirai software targets enterprise-grade SD-WAN appliances
Jun 14
For years we've been flailing around in the dark after bad patches wreaked havoc on Windows PCs. It often took days, or weeks, to identify bugs based on sporadic reports. The last two months have seen improvement, but there's still a...
Jun 13
Many believe the ban on exporting U.S. technology to Chinese company Huawei could hurt American tech vendors and do little to mitigate supply chain threats.

Categories

Study: Most enterprise IoT transactions are unencrypted

Of the millions of enterprise-IoT transactions examined in a recent study, the vast majority were sent without benefit of encryption, leaving the data vulnerable to theft and tampering.

The research by cloud-based security provider Zscaler found that about 91.5 percent of transactions by internet of things devices took place over plaintext, while 8.5 percent were encrypted with SSL. That means if attackers could intercept the unencrypted traffic, they'd be able to read it and possibly alter it, then deliver it as if it had not been changed.

Researchers looked through one month's worth of enterprise traffic traversing Zscaler's cloud seeking the digital footprints of IoT devices. It found and analyzed 56 million IoT-device transactions over that time, and identified the type of devices, protocols they used, the servers they communicated with, how often communication went in and out and general IoT traffic patterns.

The team tried to find out which devices generate the most traffic and the threats they face. It discovered that 1,015 organizations had at least one IoT device. The most common devices were set-top boxes (52 percent), then smart TVs (17 percent), wearables (8 percent), data-collection terminals (8 percent), printers (7 percent), IP cameras and phones (5 percent) and medical devices (1 percent).

While they represented only 8 percent of the devices, data-collection terminals generated 80 percent of the traffic.

The breakdown is that 18 percent of the IoT devices use SSL to communicate all the time, and of the remaining 82 percent, half used it part of the time and half never used it.The study also found cases of plaintext HTTP being used to authenticate devices and to update software and firmware, as well as use of outdated crypto libraries and weak default credentials.

While IoT devices are common in enterprises, "many of the devices are employee owned, and this is just one of the reasons they are a security concern," the report says. Without strict policies and enforcement, these devices represent potential vulnerabilities.

Another reason employee-owned IoT devices are a concern is that many businesses don't consider them a threat because no data is stored on them. But if the data they gather is transmitted insecurely, it is at risk.

5 tips to protect enterprise IoT

Zscaler recommends these security precautions:

This story, "Study: Most enterprise IoT transactions are unencrypted" was originally published by Network World.