Internet of Things

Huge Survey of Firmware Finds No Security Gains in 15 Years

A survey of more than 6,000 firmware images spanning more than a decade finds no improvement in firmware security and lax security standards for the software running connected devices by Linksys, NETGEAR and other major vendors.

Spotlight Podcast: Unpacking Black Hat Hacks with Digicert CTO Dan Timpson

In this Spotlight Podcast, we broadcast from the Black Hat Briefings in Las Vegas Nevada. Dan Timpson, the Chief Technology Officer at DigiCert joins us to talk about some of the high profile hacks at this week’s “hacker summer camp” and the common weaknesses and security lapses that are common to all of them.

Opinion: We need a way to talk about Cyber Physical Risk

How does a flaw potentially affecting the integrity of printer management application get a “critical” severity rating and one affecting the integrity and operation of anesthesia machines get a “moderate” severity rating? It has to do with our evolving and still immature system of rating (and therefore thinking about) cyber risk.

Episode 152: What the Silex Malware says about IoT Insecurity and Cloud Security CEO Steve Mullaney on Amazon ReInforce

In this week’s podcast episode, #152: we talk with Akamai researcher Larry Cashdollar about his discovery of Silex, a new example of IoT killing malware allegedly authored by a 14 year old. Also: Steve Mullaney, the CEO of the cloud security start up Aviatrix joins us to talk about Amazon’s new cloud security conference: Re:Inforce.

Episode 151: Ransoming the City with Cesar Cerrudo of IOActive

In this week’s episode, #151: Cesar Cerrudo, the head of research at the firm IOActive joins us to talk about the recent spate of massive ransomware payouts and why municipal government networks are the favorite target of hackers these days.