Publication Date: 2021 / 01 / 11
Hackers are continuously growing their cyberattack methods in various ways. The Advanced Persistent Threat (APT) is moving their target from enterprises’ cybersecurity to the supply chain. The cybersecurity team constantly ignores open-source software security issues. Therefore, it wins hackers’ favor. The well-known provider of internet hosting for software development, GitHub, was hacked by hackers implanting malware in their source code. This attack was letting all developers who were using open-source code become helpers in creating backdoor programs for hackers unintentionally. When these back doors’ products are launched, they will be distributed…
Publication Date：2020 / 12 / 30
Connected devices for a diversity of applications are burgeoning thanks to widespread availability of 4G communication. As these connected devices are everywhere in our daily lives, any product security vulnerability could result in data breach and comprise user privacy. With governments and leading enterprises around the globe stepping up cybersecurity efforts, manufacturers have begun to engage third-party cybersecurity test labs to help validate their security implementations. Onward Security operates an ISO 17025 certified lab, which has been authorized by Amazon Alexa, CTIA and ioXt for device testing and security assessment. …
Publication Date: 2020 / 12 / 28
Company A is a world-renowned IoT device manufacturer. It has been deeply involved in the consumer network product market for many years and has a wide reputation. Many of its products are sold all over the world and have a large market share. Since everything is hackable in the era of Internet of Things (IoT), its products have become the target of hackers.
In the frequent attacks on IoT devices, the vulnerabilities that Company A faces include that malicious attacks are triggered by improper handling of device firmware credentials; account…
Publication Date: 2020 / 12 / 11
Original Source: https://www.onwardsecurity.com/laboratory/item/36
DevSecOps: Finding agility in automated development and security operations
CISOs will tell you that weaving security controls into product development is a daunting challenge and failing to do so has detrimental consequences.
The world’s first CISO, Steve Katz, says the security industry that exists today wasn’t even in anyone’s wildest dream. Technology, software development, and abundant risks in cybersecurity have become more sophisticated since Katz dawned the first CISO hat in 1994.
Two decades ago, a group of jaded software developers met at a ski resort in the…
Publication Date: 2020 / 10 / 29
Original Source: https://www.onwardsecurity.com/laboratory/item/34
With the increasing attacks on IoT devices, more and more IoT equipment are applied to different industries, the IoT security issue has attracted attention. Therefore, the cybersecurity standard implementation for IoT equipment has become crucial in recent years. Recently, the AIoT Forum was held for solving the IoT cybersecurity issues. A leading brand in cybersecurity and providing security compliance solutions for connected devices, Onward Security, was invited to the forum and delivered a constructive speech. Morgan Hung, General Manager of Onward Security, said that cybersecurity implementation and certification are imperative…
Publication Date: 2020 / 10 / 13
Original Source: https://www.onwardsecurity.com/laboratory/item/33
The diversified development of the Internet of Things (IoT) has brought business opportunities to various sectors. Many industries have successively launched connected products. In addition to the smart home appliance, smart camera and other consumer products, the non-consumer equipments in industrial control, medical, communications, transportation and other industries have also joined the ranks of the IoT. However, for this booming business opportunity, no one is happiest than the black industry chain. The fields that were originally difficult to capture have created new blueprints for attacks because of devices connected to…
Publication Date: 2020 / 10 / 13
Original Source: https://www.onwardsecurity.com/laboratory/item/32
On December 23, 2015, the Ukrainian power grid was attacked by a hacker, resulting in a blackout in the Ivano-Frankivsk region. This is the world’s first large-scale power outage caused by a hacker attack, and has caused all parties to attach great importance to the cybersecurity threats of critical infrastructure. In Taiwan, the cybersecurity incidents in the manufacturing, industrial and medical industries have successively occurred since the machines infected with viruses in the semiconductor industry in 2018. These are only part of large-scale and complex attacks. The above-mentioned cybercriminals attacking…
Publication Date: 2020 / 10 / 08
Original Source: https://www.onwardsecurity.com/laboratory/item/31
In the past few months, there have been many major domestic cybersecurity incidents . During May, the large petrochemical company and the semiconductor assembly and test factory were infected with ransomware. During June, the automation equipment factory was infected with ransomware, and the PCB manufacturer was infected with viruses. In July, the major wearable device manufacturer was also attacked with ransomware. …
Publication Date: 2020 / 08 / 19
Original Source: https://www.onwardsecurity.com/laboratory/item/30
Deployment errors will lead to cybersecurity crisis
In recent years, the government has been vigorously promoting Industry 4.0, also known as Smart Factory. Its focus is on the intelligence of the production line, which needs to integrate existing IT and OT technologies, and use numerous IoT devices, so as to meet the rapidly changing needs of customized manufacturing. In order to optimize the production process, it is an inevitable trend to adopt and deploy a large number of cybersecurity equipments. However, no matter how good cybersecurity products are (such as…
Publication Date: 2020 / 08 / 19
Original Source: 2020 / 08 / 19
With the development of technology and network transmission, mobile applications are increasingly popular. Many APPs have sprung up to bring people a high degree of convenience. Eating, clothing, housing, transportation, education and entertainment can be done through APPs. Since APPs have become an indispensable part of life, they have also become one of the channels for people with bad intentions to steal information. Almost everyone has such experience that when you download and use the APP, it will often pop up the page asking you to…
Onward Security, founded in 2014, is a leading brand in cybersecurity and provides security assessment solutions for connected devices.