Microsoft launched a new MCU that offers device connectivity to Azure platform with builtin security to offer a secure pipe for control and data communication..
Microsoft has fully embraced Unix with a variant as Kernel and calls it Azure Sphere OS!.
Produced by MediaTek, it is a single-core ARM-A7 running at 500MHz with Wi-Fi and other I/O connectivity options..
Amazon had a similar OS launch last year, It is OS alone with capability to run it on any chip that can be embedded into devices. Microsoft has gone one step further to test it with a particular chip also.
There is a new security hack that has been found recently that takes advantage of the Windows internal mechanism by following it’s design pattern rather than act on the vulnerabilities like other hack attacks!. More details here
Looks like it is Microsoft feature that is getting exploited that helps in keeping the OS secure, so truly it seems to a atom bomb that Microsoft may not be able to protect it’s OS for sometime!. Need to watch out for more information on this.
Mirai IoT botnet was in news for a huge hacking that went through. The Botnet code was opensource y’day and it took only 61 password combinations to do it!. Surprisingly 80% are still having telnet open, more details here.
Shocking to see so many MongoDB instance exposed over net without basic security, many of them may be experimental(local db), but it does stress the importance of securing data that goes to public cloud!.
Blockchain and BitCoin are always discussed together, but this article gives a different take on use of blockchains.
I think Blockchain can be effectively put to use like DNS(that doles out name to IP mapping) as the lookup for who is authoritative resource for the security and rights of a Digital Document and others can offer the same document cached from their repository!.
As mentioned in article this becomes very critical in distributed, semi-connected environments like Industrial IoT and healthcare where centralized data management increases the risk of attack can be highly dangerous!.
Called Amazon Inspector, it is an automated security assessment service that finds security or compliance issues when deploying applications on AWS.
It is offered since many organizations do not have enough security personnel on staff to perform time-consuming manual checks on individual servers and other resources!.
It is currently in Preview, check it out here : http://aws.amazon.com/inspector/
Microsoft also announced a similar service termed Microsoft Azure Security Center.