With the intelligence and informatization of medical devices, many off-the-shelf software (OTS) are being applied in medical devices. On August 11, 2023, the FDA released the Guidance for Industry and Food and Drug Administration Staff on Off-The-Shelf Software Use in Medical Devices, which aims to provide information that applicants should include in the documentation submitted … Read more
In recent years, children’s smartwatches have become popular among parents and children. However, due to the unique nature of child users, the underlying concerns have also attracted widespread attention. Recently, the alliance technical specification formulated by the China Cybersecurity Industry Alliance, the “Guidelines for the Protection of Personal Information and Rights of Children’s Smartwatches,” has … Read more
Introduction Industrial automation consists of two parts: networking and interconnection of devices, and the design and manufacturing of embedded devices. The development of the Internet of Things (IoT) poses challenges to the interconnectivity and information security of factory, industrial facilities, and service equipment. Previously, when devices were not connected to the internet, everything was safe; … Read more
2024.12.13~12.19 Attack group intelligence Mask APT reappeared, targeting Latin American organizations. Attack Bitter APT utilized WmRAT and MiyaRAT malware to attack Turkish defense organization APT-C-36 (Blind Eye Eagle), continuously launching attacks against Colombia. Gamaredon deployed in former Soviet states Andr…
Emergency Response Steps: 1. Focus on ensuring business stability. Blacklist IP, rate limit, human verification code. First, activate the operational emergency plan to ensure stable business operation and system stability (network, system files, startup items, libraries, memory). Experience is irreplaceable. Think about security incidents with an event correlation mindset. All operations must be recorded with … Read more
Embedded engineers should enhance their understanding of system security, comprehend the essence of security threats, and master effective protection strategies. Through in-depth analysis, it is hoped to stimulate awareness of embedded security both within and outside the industry, and jointly promote the development of a safer and more reliable intelligent ecosystem. Due to the special … Read more
1. Introduction On the Android platform, the Java code written by programmers is ultimately compiled into bytecode that runs on the Android virtual machine. Since Android came into the public eye, decompilation tools such as apktool and jadx have emerged one after another, becoming increasingly powerful. The bytecode compiled from Java has become vulnerable in … Read more
More and more IC manufacturers are exploring a chip-level security technology to protect data, known as Physically Unclonable Function (PUF). Although the chip manufacturing process is very precise, there are still slight differences in each circuit on the chip, and this technology takes advantage of that difference. PUF uses these minute variations to generate a … Read more
Recently, two American internet service providers suffered a network attack, causing many well-known websites to be inaccessible, claiming that half of America’s internet was paralyzed. Subsequent investigations revealed that hackers exploited viruses to infect IoT devices, which were then used to launch network attacks. Internet security experts stated that the number of infected IoT devices … Read more
IoTSeeker, produced by Rapid7, is a network scanning tool for default password credentials of IoT devices, capable of scanning specific IoT devices to determine whether they are using default or factory-set password credentials. Tool Introduction The cause of the large-scale network outage in the United States was investigated to be malware exploiting default password credentials … Read more