Software

Episode 79: Hackable Nukes and Dissecting Naughty Toys

In this week’s Security Ledger Podcast episode, the UK -based policy think tank Chatham House warned last week that aging nuclear weapons systems in the U.S., the U.K. and other nations are vulnerable to cyber attacks that could be used to start a global conflagration. We talk with Eddie Habbibi of PAS Global about what can be done to secure hackable nukes. Also: with CES raging in Las Vegas last week, we go deep with security researcher Jay Harris on flaws in connected toys being sold to children.

Continue Reading

Five Essential Reads to Understand the Meltdown and Spectre Processor Flaws

There has been plenty of (digital) ink spilled in recent days about widespread processor flaws known as “Meltdown” and “Spectre.” We round up five articles that will help you understand these security vulnerabilities, how they were discovered and their likely impact. 

Continue Reading

Google details CPU flaws, claims AMD, ARM and Intel all affected

Google has come forward to claim responsibility for discovering a pair of serious security holes in Intel processors that run almost 9 in 10 computers in the world. And worse: the company has echoed a statement by Intel yesterday that the flaws are not specific to that company’s chips. Contrary to published reports, a blog post on the Google Security Blog by Matt Linton, a Senior Security Engineer at Google and Pat Parseghian, a Technical Program Manager said that flaws dubbed “Specter” (PDF) and “Meltdown” (PDF) are not limited to chips by Intel, but exist in central processing unit (CPU) chips by a wide range of vendors including Intel, AMD and ARM. Google discovered the flaws The flaws were discovered by Jann Horn, a researcher for Google’s Project Zero security team, discovered the flaw and showed how malicious actors could game a common CPU feature known as “speculative execution” to […]

Continue Reading

Update: Two Years After Discovery Dangerous Security Hole Lingers in GPS Services

Security researchers warned of a serious vulnerability in a GPS service by the China-based firm ThinkRace exposes sensitive data in scores of GPS services, more than two years after the hole was discovered and reported to the firm. (Update: added comment from John van den Oever, the CEO of one2track B.V – PFR 1/3/2018)

Continue Reading

Podcast: New Malware targets Industrial Safety Systems and Uncle Sam Bans Kaspersky – What Now?

In our latest podcast: industrial security expert Joe Weiss talks to us about Triton, a new malware family targeting industrial safety systems. Also: Dave Aitel of the firm Immunity Inc. joins us again to talk about new legislation banning government agencies from using anti malware software by Kaspersky Lab. And, Alan Naumann* of the firm Contrast Security talks to us about the major insurance firm that  joined the latest round of investment in his company, and why application security is everybody’s problem. 

Continue Reading
1 17 18 19 20 21 123