Other News

Digital Right to Repair Movement seeks Allies at DEF CON

A grass roots movement to win a legal right to repair digital devices arrived at DEF CON in Las Vegas on Saturday with a message for an estimated 30,000 attendees: ‘fight for repair.’

Spotlight Podcast: Unpacking Black Hat Hacks with Digicert CTO Dan Timpson

In this Spotlight Podcast, we broadcast from the Black Hat Briefings in Las Vegas Nevada. Dan Timpson, the Chief Technology Officer at DigiCert joins us to talk about some of the high profile hacks at this week’s “hacker summer camp” and the common weaknesses and security lapses that are common to all of them.

Episode 156: Looming over Black Hat: doing Security at Massive Scale

In this episode of the Security Ledger Podcast (#156), we’re joined by Michael Coates, the former Chief Information Security Officer at Twitter and the CEO and co-founder of Altitude Networks.* With “hacker summer camp” kicking off in Las Vegas, Michael and I talk about the pre-eminent challenge for the information security industry: how to do security at the massive scale and speed of cloud environments like AWS.

MH-17 Disinformation Tweets

Episode 155: Disinformation is a Cyber Weapon and APTs warm to Mobile Malware

In this week’s episode of the Podcast (#155): Jerome Segura of Malwarebytes joins us to talk about how disinformation campaigns and cyber crime are part of the same toxic cocktail in the world’s trouble spots, like Ukraine. Also: Adam Meyers of CrowdStrike joins us to talk about that company’s first ever report on mobile malware, which is gaining currency with advanced persistent threat (APT) groups.

Armis Urgent/11 Vulnerabilities Logo

Critical Flaws in VxWorks affect 200 Million Connected Things

Serious and exploitable security flaws in VxWorks, a commonly used operating system for embedded devices, span 13 years and could leave hundreds of millions* of connected devices vulnerable to remote cyber attacks and hacks. The security firm Armis on Monday published a warning about 11 critical, zero day vulnerabilities in the VxWorks operating system, which is owned and managed by the firm Wind River. The vulnerabilities expose more than 200 million devices and could allow attackers to remotely take control of everything from networked printers and security appliances to industrial and medical devices, according to Ben Seri, the Vice President of Research at Armis. Move over, EternalBlue! At least a couple of the flaws were described as “more serious” than EternalBlue, the Microsoft Windows flaw that powered both the WannaCry and NotPetya malware outbreaks. SCADA and industrial control system devices, healthcare devices like patient monitors and MRI machines, as well […]