New IoT Regulations to Improve Security Standards, Adobe to Shut Down Flash Player and More in This Week’s News
New IoT Bill to Set Security Standards Proposed
A group of US senators has drafted a new bill aimed at enhancing the security of internet-connected devices, commonly called IoT.
The bill, also known as the “Internet of Things Cybersecurity Improvement Act of 2017”, was presented last Tuesday by Senators Mark Warner and Cory Gardner, and its main goal is to force suppliers to adhere to a new industry-wide standard, especially if working with the government.
The new bill forbids hard-coded credentials in IoT devices, which was the one vulnerability hackers exploited the most for hijacking and other nefarious cyber activities. The best example is last year’s massive DNS DDoS against Dyn which caused a large portion of the Internet to collapse.
The bill would also require vendors to make sure their devices are patchable and free from known vulnerabilities. It was drafted with the help from technology experts at the Atlantic Council and Harvard University.
Adobe to Retire Flash Player by 2020
Last week Adobe announced their plans on slowly retiring their Flash Player software. Although ultra-popular, the software is still packed with security flaws making it one of the most targeted channels for malware distribution and overall cyber criminal activities.
In a blog post, Adobe explained how more and more sites are shifting from Flash to HTML5 and WebAssembly which now provide the capabilities once pioneered by Flash.
The big guys (Apple, Facebook, Google, Microsoft and Mozilla) are already slowly sending the software into a deserved retirement, mostly disabling it or making it available only on request.
Verizon’s Director of Marketing Predicts AR as “The Next Big Thing”
In a brilliant blog post last week, Jason Friedlander, Director of Marketing Communications at Verizon, explained his views on augmented reality (AR) and its potential to really become the next big thing.
Although virtual reality (VR) stepped to the scene with a big bang, Friedlander sees VR as increasingly de-socializing, something completely opposite to the essence of human nature. From that perspective, it’s brother AR is easily going to achieve mass adoption as it is better aligned with the time and technology.
Worth mentioning is also that Apple announced their ARKit which will enable their phones to natively display AR content.
“In a few years, a spectator at a live sporting event will be able to simply point his phone camera at a player and see all the player’s stats. A dinner at a restaurant will aim his phone at the menu and see the nutritional value of the food he’s about to order. (…) I envision a time where the camera app is a platform all on its own”.
Level 3 Posts Q2 2017 Results
Level 3 Communications posted their financial reports earlier last week. Yet another successful quarter, brought in considerable profits further strengthening the company’s market position.
As highlights of their Q2 report, the company showed a net income at over $154 million; their adjusted EBITDA grew to $744 million but excluding the $22 million spent for CenturyLink acquisition expenses.
Level 3 also generated $564 million from operating activities and $236 million of free cash flow but excluding the $3 million cash expenses used for CenturyLink acquisition.
Read the full report on the link below.
Accidental Hero That Found WannaCry’s “Kill-Switch” Arrested by FBI
The British security researcher, Marcus Hutchins who became Internet famous by discovering the “kill switch” for the WannaCry ransomware has been arrested in the United States.
Marcus Hutchins, known as MalwareTechBlog on Twitter, was detained by the FBI after attending the Def Con conference in Nevada. Further reports from the U.S. Department of Justice say that Hutchins has been arrested by the FBI for “his role in creating and distributing the Kronos banking Trojan” between 2014-2015.
According to the indictment, the 22-year-old developed or helped develop, the Kronos malware which was distributed via emails containing malicious attachments used to hijack credentials like banking passwords.