Podcast: Play in new window | Download (Duration: 34:11 — 39.1MB)Subscribe: Android | Email | Google Podcasts | RSSIn this week’s episode (#130): we speak with security researcher Troy Hunt, founder of HaveIBeenPwned.com about his latest disclosure: a trove of more than 700 million online account credentials he’s calling “Collection #1.” Also we speak to Martin Hagen of the Norwegian device firm Tailit about how failing a security audit of the company’s GPS watch sparked a security make-over at the company.
Security researchers warned of a serious vulnerability in a GPS service by the China-based firm ThinkRace exposes sensitive data in scores of GPS services, more than two years after the hole was discovered and reported to the firm. (Update: added comment from John van den Oever, the CEO of one2track B.V – PFR 1/3/2018)
Sensors and security holes are common companions on a range of connected toys and consumer devices available to consumers this holiday season.
Podcast: Play in new window | Download (22.3MB)Subscribe: Apple Podcasts | Android | Email | Google Podcasts | Stitcher | TuneIn | RSS | https://www.securityledger.com/subscribeIn-brief: on this week’s Security Ledger Podcast, we delve deeper into the question of maritime cyber security, speaking with noted researcher Ruben Santamarta of the firm IOActive about the work he’s done exposing vulnerabilities in the software that runs both commercial and navy vessels. Also: Alan Brill of Kroll joins us to talk about The Internet of Things Cybersecurity Improvement Act. And we talk to Maria Loughlin of the firm Veracode about a new survey that suggests undergraduate computer science majors aren’t receiving adequate instruction in cyber security.
In-brief: could cyber attacks have played a role in recent collisions between US Navy vessels and commercial ships? The short answer is yes. Regardless of what caused the most recent incidents, both the means and the motive exist to launch such attacks in the future.