In-brief: A hard-coded password in many versions of GE’s MultiLink industrial networking switches could open the door to hackers, the Department of Homeland Security ICS-CERT warned.
firmware
Software’s Sausage Factory: The Supply Chain
In-brief: Experts warn that supply chain insecurity run broad and deep, threatening the security and integrity of technology dependent organizations.
Another Supply Chain Mystery: IP Cameras Ship With Malicious Software
In-brief: The discovery of a malicious link buried in software for a common IP camera sold on Amazon and other online retail outlets is just the latest example of supply chain based threats to connected products.
UL Charges for Cyber Standards, Draws Scrutiny
In-brief: Product testing firm Underwriters Laboratories drew scrutiny by charging for copies of new standards for connected devices. But security experts say the new UL standards are poised to have a big impact – especially in industries like medicine and critical infrastructure.
Serial To Ethernet Converters are the Huge Critical Infrastructure Risk Nobody Talks About
In-brief: There are more warnings that a common piece of hardware known as Serial-to-Ethernet converters are very vulnerable to remote attacks – and more evidence that the vendors who manufacture them aren’t in a rush to fix the holes.
