In this, our 70th episode of The Security Ledger podcast, we speak withXu Zou of the Internet of Things security startup Zingbox about the challenges of securing medical devices and clinical networks from cyber attack. Also: we take a look at the turmoil that has erupted around the OWASP Top 10, a list of common application security foibles. And finally: open source management vendor Black Duck Software announced that it was being acquired for more than half a billion dollars. We sit down with Black Duck CEO Lou Shipley to talk about the software supply chain and to hear what’s next for his company.
A survey by Forrester and the firm Forescout finds business leaders in a state of high anxiety over the Internet of Things, as more connected devices infiltrate the workplace.
The NotPetya malware infection shut down pharmaceutical giant Merck’s production of the pediatric vaccine GARDASIL last June, forcing the company to borrow the drug from a stockpile maintained by the U.S. Centers for Disease Control and Prevention to meet demand.
A new joint FBI-DHS report dishes the dirt on recent sophisticated attacks targeting the US energy grid and critical infrastructure, saying third party firms and web sites to gain access to energy and other critical infrastructure networks. It also names a sophisticated hacking group believed to be linked to the government of Russia.
Pressure is mounting on Russian antivirus vendor Kaspersky Lab with office supplies giant Office Depot offering to remove it from customers’ computers for free and a Congressional hearing on the company’s links to Russian intelligence scheduled for later in October.