Despite their availability on mobile networks and thus increased exposure to outside security threats, SCADA apps remain highly insecure and vulnerable to attack, putting critical industrial control systems at immediate and increased risk, researchers at IOActive and Embedi have found.
There has been plenty of (digital) ink spilled in recent days about widespread processor flaws known as “Meltdown” and “Spectre.” We round up five articles that will help you understand these security vulnerabilities, how they were discovered and their likely impact.
Two years after it was cited for security and privacy violations in its connected toys, VTech Electronics Ltd. has been fined by the U.S. government for violations of a federal law protecting children’s online privacy.
In this week’s edition of The Security Ledger Podcast we talk with security researcher and data spelunker Chris Vickery of the firm UpGuard about his discovery of a data trove containing consumer profiles on 123 million American households. Also: there’s a tough new standard for handling federal data come January 1st in the form of NIST’s 800-171 standard. And: Katie Moussouris joins us back in the studio to talk about what the updated Wassenaar Arrangement means for security researchers.
In our latest podcast: industrial security expert Joe Weiss talks to us about Triton, a new malware family targeting industrial safety systems. Also: Dave Aitel of the firm Immunity Inc. joins us again to talk about new legislation banning government agencies from using anti malware software by Kaspersky Lab. And, Alan Naumann* of the firm Contrast Security talks to us about the major insurance firm that joined the latest round of investment in his company, and why application security is everybody’s problem.
