In-brief: In this Security Ledger podcast, Paul speaks with Sameer Dixit of Spirent Security Labs, a leading tester of connected (“smart”) vehicles. Truly secure, connected vehicles may be years away, he says. In the meantime, security flaws and poorly implemented features are a major issue, Dixit says, with many car companies still preferring bolt on security fixes over secure design.
In-brief: Product testing firm Underwriters Laboratories drew scrutiny by charging for copies of new standards for connected devices. But security experts say the new UL standards are poised to have a big impact – especially in industries like medicine and critical infrastructure.
In-brief:In-brief: In this, the last in a three-part series on REST API, Neeraj Khandelwal of Barracuda Networks examines how web application security design can help secure REST APIs and provides tips for securing web applications. You can read Neeraj’s previous posts (here and here).
In-brief: Efforts to secure the Internet of Things will be challenged both by a backlog of old software and hardware, and by the rapid pace of technology evolution, experts warned at the recent Security of Things Forum in Cambridge, MA.
In-brief: Trend Micro notes that supply chain attacks are on the rise, with attackers relying on a short list of techniques including compromises of source code, firmware and so-called “watering hole” attacks.