PHP Servers and IoT Devices Face Growing Cyber-Attack Risks
A rise in attacks on PHP servers, IoT devices and cloud gateways is linked to botnets exploiting flaws, according to new research published by Qualys
IoT systems connect sensors and control networks, so device identity, secure updates, data protection, and reliable operation support safety and availability.
Search across headline titles and summaries.
Background for this topic.
Internet of Things (IoT) comprises physical devices—such as sensors, cameras, appliances, vehicles, medical equipment, and industrial controllers—that collect data, perform actions, and communicate with other devices or cloud services. Its distinctive assets include telemetry, control functions, device identities, and sometimes sensitive location, health, or operational data. Availability and integrity can be safety- or production-critical, while many devices have limited processing capacity, long service lives, and constrained maintenance access.
Security depends on the complete device lifecycle: maintain an accurate inventory, replace default credentials with unique authentication, verify firmware and provide signed, supportable updates, and restrict management interfaces through network segmentation. Exposed services, insecure update mechanisms, weak device-to-cloud APIs, physical access, and third-party components can enable unauthorized monitoring or control, compromise other systems, or conscript devices into attacks. Privacy protections should limit collection and access to telemetry, and monitoring should support detection and safe isolation without disrupting essential operations.
Weekly headline count for the current query.
A rise in attacks on PHP servers, IoT devices and cloud gateways is linked to botnets exploiting flaws, according to new research published by Qualys
A vulnerability in Kigen eUICC cards has exposed billions of IoT devices via flawed eSIM profile management
The FBI says mainly Chinese-made IoT devices pose a threat from Badbox 2.0 malware
The UK government wants to hear feedback on a possible new standard or legislation to improve enterprise IoT security
The criminal proxy network infected thousands of IoT and end-of-life devices, creating dangerous botnet
Claroty revealed that 89% of healthcare organizations use the top 1% of riskiest Internet-of-Medical-Things (IoMT) devices
Massive IoT data breach exposed 2.7 billion records including Wi-Fi credentials
Murdoc_Botnet used Mirai malware to exploit IoT vulnerabilities, targeting devices globally
The voluntary Cyber Trust Mark labeling program will allow consumers to assess the cybersecurity of IoT devices when making purchasing decisions
IOCONTROL, a custom-built IoT/OT malware, was used by Iran-affiliated groups to attack Israel- and US-based OT/IoT devices, according to Claroty
DDoS campaign by Matrix targets IoT devices and servers, exploiting weak credentials and public scripts
Zscaler’s latest report finds 54.5% of IoT attacks target manufacturing, with the industry suffering more than three times the weekly attacks of other sectors
Androxgh0st botnet has expanded, integrating Mozi IoT payloads and targeting web server vulnerabilities
A new Forescout report found that IoT devices containing vulnerabilities surged 136% compared to a year ago, becoming a key focus for attackers
IoT manufacturers, retailers and importers must comply with new security legislation, the PSTI act, from today
The voluntary FCC program will allow smart device manufacturers to demonstrate to consumers that their product has met robust cybersecurity standards
The Viakoo study also said 50% firms faced IoT cyber incidents in past year, 44% of which were severe
Nozomi Networks reveals increasingly sophisticated attacks targeting bugs and other vectors in IoT and OT environments
ESET said the kill switch demonstrated various functions, including disabling the parent process
FortiGuard Labs said the new campaign incorporates 13 distinct payloads