hackerone

Hacked Nukes

Episode 79: Hackable Nukes and Dissecting Naughty Toys

In this week’s Security Ledger Podcast episode, the UK -based policy think tank Chatham House warned last week that aging nuclear weapons systems in the U.S., the U.K. and other nations are vulnerable to cyber attacks that could be used to start a global conflagration. We talk with Eddie Habbibi of PAS Global about what can be done to secure hackable nukes. Also: with CES raging in Las Vegas last week, we go deep with security researcher Jay Harris on flaws in connected toys being sold to children.

Info on Intel Flaw Followed Offer of Cash Bounty

In-brief: the disclosure of a critical flaw in remote management software by Intel followed the company’s move, in March, to begin offering cash bounties for information about software vulnerabilities, an Intel spokesman confirmed. 

Department of Defense Sets Ground Rules for Hackers

In-brief: The U.S. Department of Defense published guidelines on Monday for independent security researchers to disclose vulnerabilities in DoD’s public facing systems. The program, managed by the firm HackerOne, provides a legal route for hackers to disclose vulnerabilities to the military.

Report: Feds Mull Bug Bounty Contest for Medical Devices

In-brief: Following the success of the Hack the Pentagon bug bounty program, officials at the U.S. Department of Health and Human Services are considering launching a similar program aimed at medical devices and other healthcare systems. 

EFF Warns of Security Culture Gap at Hardware Engineering Firms | TechCrunch

In-brief: A senior attorney at the Electronic Frontier Foundation warned about the security knowledge gap facing traditional engineering firms as they pivot to making connected devices.