The Security Ledger with Paul F. Roberts

March 12, 2025 | Paul Roberts

Report: Epidemic of Flaws in Commercial and Open Source Code

ReversingLabs' 2025 Software Supply Chain Security Report finds that security flaws in commercial and open source code are epidemic as hackers target supply chains including those for cryptocurrency and AI in a play for access to sensitive data and IT assets.

Listen & Read Article

Recent Podcast Episodes

Episode 260: The Art of Teaching Secure Coding with Tanya Janca

36:32

Security Validation: A Deep Dive with Cymulate's David Kellerman

Pacific Rim: Sophos’ 6 Year Battle To Beat Back China State Hackers

33:42

Report Finds Lack of Talent, Tools Frustrates Cyber Investigations

Episode 258: Broken Brokers - Optery's Fight To Claw Back Your Personal Data

36:16

Podcast Series

Spotlight

118 Episodes

Spotlight podcasts bring Security Ledger's audience up close and personal with some of the leading cybersecurity firms in the world: exploring the history, technology and vision that drives innovation in the information security field. Hosted by Security Ledger Editor in Chief Paul Roberts, this premium podcast features interviews with leading executives, security researchers and entrepreneurs as they chart the future of the cybersecurity industry.

Series Details

The Fight to Repair

8 Episodes

How do we keep the Internet of Things from maturing into the Internet of Broken, Vulnerable and Unsupported Things? A right to repair is key. In this series of interviews we explore the issues complicating repair on connected devices and how an important consumer and property right is threatened by the headlong growth of the IOT.

Series Details

CISO Close Up

19 Episodes

Cloud. Internet of Things. DEVOPS. The job of Chief Information Security Officer has never been more challenging. How are world's leading CISOs taking on the challenges that a fast-evolving technology and risk landscape throw at them? In CISO Close Up, Security Ledger Editor in Chief Paul Roberts talks shop with some of the best CISOs in the private and public sectors to get their thoughts on the job.

Series Details

Recent Posts

EFF: SSL Records Show Superfish Attacks in the Wild

February 26, 2015 Paul Roberts

In-brief: The Electronic Frontier Foundation warned that it has evidence of man-in-the-middle attacks that take advantage of the same encryption-busting technology that Lenovo and Superfish implanted on consumer laptops.

Doctorow: Fearing an Internet of Things That Do As They’re Told

February 25, 2015 Paul Roberts

In-brief: In an essay for O’Reilly Radar, Cory Doctorow argues that remote management features that allow carriers to disable mobile phones are a mistake – taking technology owners’ autonomy and control over their data away in the name of preventing muggings and other crimes.

Verizon: 5 Billion Business IoT Connections by 2020

February 24, 2015 Paul Roberts

In-brief: A report by Verizon finds business adoption of IoT is growing quickly, boosting that company’s Internet of Things numbers. But increased business adoption of IoT brings risks to privacy and security.

Update: Superfish is the Real End of SSL

February 23, 2015 Paul Roberts

In-brief: Outrage over Lenovo’s promotion of privacy busting adware continued to grow amid lawsuits and more spying revelations. The big question: is this the final – final straw for the beleaguered Secure Sockets Layer (SSL) technology? (Updated to add comment from Kevin Bocek of Venafi.)

Gemalto Will Investigate Alleged SIM Card Hack

February 20, 2015 Paul Roberts

In-brief: Gemalto said in a statement Friday that it will investigate reports that the company was the victim of a sophisticated campaign of espionage by the U.S. National Security Agency and Britain’s GCHQ.

Podcast Player

Latest Podcast

Report: Epidemic of Flaws in Commercial and Open Source Code

Recent Podcast Episodes

Podcast Series

Spotlight

The Fight to Repair

CISO Close Up

Recent Posts

EFF: SSL Records Show Superfish Attacks in the Wild

Doctorow: Fearing an Internet of Things That Do As They’re Told

Update: Superfish is the Real End of SSL

Gemalto Will Investigate Alleged SIM Card Hack

Press Release

SecAI Debuts at RSA 2025, Redefining Threat Investigation with AI

Court Dismisses Criminal Charges Against VPN Executive, Affirms No-Log Policy

Lattica Emerges from Stealth to Solve AI’s Biggest Privacy Challenge with FHE

Criminal IP to Showcase Advanced Threat Intelligence at RSAC™ 2025

Industry First: StrikeReady AI Platform Moves Security Teams Beyond Basic, One-Dimensional AI-Driven Triage Solutions

Subscribe to Podcast

Security Ledger Publisher & Editor in Chief

Paul F. Roberts

Podcast Player

Latest Podcast

Report: Epidemic of Flaws in Commercial and Open Source Code

Recent Podcast Episodes

Podcast Series

Recent Posts

Share this:

Share this:

Share this:

Share this:

Share this:

Subscribe to Podcast

Security Ledger Publisher & Editor in Chief