As the number of IoT devices increases, keeping data secure and avoiding attacks remains a major concern. This article highlights how dangerous can vulnerable IoT devices be to our daily lives and outlines how to make your IoT devices less vulnerable against cyber threats.
Testing to find defects and bugs can be a time consuming, expensive, and repetitive task.Test automation is one such tool which can be extremely beneficial when utilized correctly. It helps streamline the entire process while reducing costs and shortening your development cycles. Additionally, it will help in avoiding tedious, repetitive tasks.
This article describes why test automation plays a crucial role in the success of software developments life cycle and outlines the five best practices which ensure that you’re using test automation to its greatest potential.
Web application vulnerabilities are some of the most common flaws leading to modern data breaches because websites are always prone to security risks and there is no such thing as a 100% secure site, with new vulnerabilities found all the time. This article highlights the common website security vulnerabilities, and tips on how they can be prevented.
‘The cloud’ has been an industry buzz word for some time now and whilst the initial focus was on data storage and sharing & spawned the likes of Dropbox – ‘cloud computing’ is currently the latest trend. This article from Aldec explores how HES cloud delivers access to a high-performance emulation platform.
Friday 23rd June saw a sustained cyber-attack against the UK parliament where up to 90 email accounts were hacked. The incidentgave rise to blackmail fears after hackers tried to break in to the accounts of MPs by searching for weak passwords.Reports suggest the houses of common Wi-Fi password is commonly known and that a worker in a McDonald’s branch across the road knew the password for Parliament’s Wi-Fi network.
International Trade Secretary Liam Fox said: “We have seen reports in the last few days of even cabinet ministers’ passwords being for sale online.And it’s a warning to everybody, whether they are in Parliament or elsewhere, that they need to do everything possible to maintain their own cyber-security.”
All this comes only 1 month after the large-scale WannaCry ransomware attack across the globe, crippling companies and critical government services including the National-Health-Service in the UK.
T&VS Recommendations to protect against future malware
The following are general security best practice advice:
Always ensure your Microsoft patches are up-to-date.
Enable firewalls and disable the following ports 137,138,139,445. These are the ports ransomware utilises.
Ensure Antivirus software is up-to-date.
Stop using any unsupported windows Operating System. Always aim to regularly upgrade to the latest OS.
Disable Microsoft server message block (SMB)
Regularly perform a secure backup of data into the cloud. This will allow a quick restore of data if an attack does occur.
Always be aware of phishing attacks. Avoid vulnerable websites and emails.
Finally, we would recommend you increase security awareness and give training for end users on how to protect themselves going forward.
Let T&VS ensure you are protected going forward. Our security team will analyse your infrastructure for potential weaknesses and provide assistance in ongoing security measures. If you would like to know more, please see T&VS Security or contact us via email.T&VS experts will provide a simple step-by-step guide to the actions you can take now to ensure your systems are protected.
Talk to Us
Contact one of our consultants today to discuss your requirements. No hard sales, just pertinent questions to understand your requirements so that we can help you take the next steps.
With the emergence of IoT, the healthcare industry is benefiting from seamless connectivity and latest technology advancements. As the technology for collecting, analysing and transmitting data in the IoT continues to mature, more and more smart and exciting new IoT-driven healthcare applications and systems are also emerging.
The IoT is no longer “the wave of the future,” but is instead “the wave of the present”. We are already living in a world where our appliances talk to each other, our vehicles reach into the internet to find traffic, and our cities are gearing up to regulate traffic and other civic needs via smart devices. To seize the IoT high ground, QA organizations need to view software testing beyond devices and sensors.
This article from DZone describes why a comprehensive QA and testing strategy is required for IoT to protect applications from organic failures or cyber-attacks.
The rapidly growing popularity and adoption rate of IoT is encouraging more and more cyber criminals to malware by targeting IoT devices, applications, and deployment environments. Security is one of the challenges that needs to be met in an accelerated and focussed way to ensure the potential of IoT is fully realised. This article explores how to overcome the key security and privacy challenges of IoT-enabled solutions.
This article from Semiengineering captures the conversation from industry experts on why a few years ago, high level synthesis(HLS) was the heart of a new electronic system flow and considered as most emerging technology and why today, we hear much less about the progress being made in this area. They also discussed how it impacts in the near future.
The Internet is a hostile space for water utilities and their SCADA (Supervisory Control and Data Acquisition) systems. In a recent article Global Water Intelligence Magazine spoke to a number of security experts, including T&VS about how utilities should go about protecting themselves from malicious attacks.
The lessons from the Water utilities can equally apply to any industry where the increasing adoption of open internet protocols and wireless devices is forcing companies to evaluate their cyber security risk profile and strengthen their knowledge of cyber threats.
In the article Mike Bartley, CEO of T&VS, outlined that a good way to gauge a vendors solutions is to check if they at least adhere to the (Open Web Application Security Project) OWASP IoT Top 10 list of security vulnerabilities.
“I think if you’re looking at what is best practice then a lot of people can say OWASP is a good place to go to,” he said. “If they can say we’ve secured ourselves against the OWASP Top 10 that’s probably good practice but they should be able to demonstrate they have an ongoing assessment of the top 10 as well.”
The TVS newsletter is aimed at informing you about industry news, events and information from TVS and our industry partners with no selling. It is easy to unsubscribe if we do not fulfil that promise.
So if you want the latest on testing and verification subscribe below.
We never share your information with any third parties.
The 2-day Formal Verification Bootcamp is for design and verification engineers looking to enhance their knowledge of formal verification and to learn how to write effective assertions to find and fix bugs. The course is a mix of presentations and hands-on development exercises.