There has been plenty of (digital) ink spilled in recent days about widespread processor flaws known as “Meltdown” and “Spectre.” We round up five articles that will help you understand these security vulnerabilities, how they were discovered and their likely impact.
In-brief: a security researcher demonstrated a broadcast-based attacks on smart televisions, almost three years after a similar demonstration by researchers at Columbia. More than 90 percent of smart TVs may be vulnerable – but carrying out an attack may be challenging.
In-brief: Fiat Chrysler is recalling 1.4 million vehicles to fix a software flaw that leaves the cars vulnerable to wireless hacks that could affect braking, steering and acceleration.
Mitch Thomas over at the security firm Tripwire has a good post on “architecting the security of things” that’s worth checking out. As an incumbent security vendor, Tripwire faces the same challenges and problems as other vendors who came of age securing traditional endpoints and enterprise IT environments. Among them: adapting to a nearly limitless population of new endpoints – many of them small, resource constrained embedded systems. As we’ve noted before: many of these systems aren’t capable of the kinds of interrogations (vulnerability- and malware scans just two examples) that many security tools take for granted.
In a move that heralded the growing convergence of information security and IT operations, Belden, a maker of industrial networking equipment, said it is acquiring Tripwire, an IT security services firm for $710 in cash. The announcement, on Tuesday, underscores the degree to which traditional IT security focused on securing enterprise networks is becoming part and parcel of the services that industrial firms wish to offer to their customers in heavy industries and critical infrastructure. [Read more Security Ledger reporting on Internet of Things and IT-OT convergence.] In a published statement, Belden said that, together, the companies will “work to deliver the next generation of cybersecurity solutions that can be deployed across enterprise, industrial, and broadcast markets.” John Stroup, President and CEO of Belden, said TripWire will extend his company’s capabilities. The two companies had previously worked together to improve critical infrastructure cybersecurity in manufacturing organizations, tailoring cyber security solutions for specific customer […]