penetration testing

Opinion: If it Ain’t Broke, Try Harder

In-brief: Mike Tyson famously said of an opponent that ‘everyone has a plan until they get hit.’ That’s useful advice for information security teams worried about whether their existing network security plans will hold up to the onslaught of the Internet of Things, says Marc Blackmer of Cisco.

Podcast: Interview with Car Hacker Chris Valasek of IOActive

Podcast: Play in new window | Download (31.6MB)Subscribe: Apple Podcasts | Android | Email | Google Podcasts | Stitcher | TuneIn | RSS | https://www.securityledger.com/subscribeIn-brief: Security Ledger Editor in Chief Paul Roberts speaks with Chris Valasek, the Director of Vehicle Research at IOActive about the work he and Charlie Miller did to develop wireless based attacks that control the braking, steering and acceleration of late model Chrysler vehicles. 

Security Firms See Dollars In Taming IoT Insecurity

In-brief: Security firms Trustwave and IOActive both announced services promising to help aspiring IoT product firms secure their products, more evidence that the Internet of Things is producing secondary markets.

FBI Affidavit Alleges Researcher Hacked Planes In Flight

In-brief: Did security researcher Chris Roberts attempt to tamper with in-flight systems during a United Airlines flight from Denver to Chicago in April? An FBI affidavit says “yes,” Roberts says “no way.” 

Cyber Security and IoT: Fundamentals Matter

I really struggled to come up with a clever analogy to start this post. In doing so I realized that this exercise was itself, the exact problem I was trying to describe. So much conversation about cyber security, especially cyber security for the Internet of Things (IoT), focuses on the sexy, the complicated, the one-in-a-million. In doing so, we ignore the most common threats and basic attacks. I would like to argue that if we are to effectively defend ourselves in this new IoT world, we cannot ignore the fundamentals of security. But let’s be honest: the basics are boring. I know that. Many of the practices that are most important are also the ones we’ve heard about before. As we look at them: there isn’t anything new there. That’s true – but I take that as proof that they are sound practices, worthy of keeping top-of-mind, rather than old knowledge that can be discarded. Here’s […]