Researchers have found a vulnerability in emergency-alert systems provided by ATI Systems that could put millions at risk by allowing hackers to sound false alarms or otherwise mislead the public in regards to warning of natural and man-made disasters in the United States.
A team of researchers from Princeton has demonstrated that they can track the location of smartphone users even when location services like GPS and WiFi are turned off.
British semiconductor giant Arm said it has a solution for securing billions of devices on the Internet of Things:Platform Security Architecture (PSA), a platform that it calls the first common industry framework for building secure connected devices.
I’m not much of one for milestones and the record will show that I’ve rarely taken the occasion to note significant Security Ledger dates. Actually, it would be more accurate to say that I’ve never noted them. But October 2nd marks what I consider an important one: the fifth anniversary of our first blog post. On October 2, 2012, this blog went live with a post on the VOHO watering hole attacks. That makes today – October 2, 2017, Security Ledger’s 5th birthday! So much has happened in the intervening years – and much remains the same. Sadly, we haven’t beat watering hole attacks, though maybe we talk about them less than we used to. The last five years have seen this blog focus more and more on the security of our physical world and the many, intelligent devices that inhabit it. That has proven to be a very rich seam […]
The firm that discovered the CCleaner attack thinks there may be other common applications that, like CCleaner, have been secretly compromised and used to gain access to corporate networks. Engineers at the firm Morphisec are reviewing historical reports that were considered “false positives” to determine if any of those reports may have been evidence of compromises of other common applications, Chief Technology Officer Michael Gorelik told The Security Ledger. “It’s something we’re doing right now. We’re revalidating stuff that we caught within the last several months,” he said. While Gorelik declined to say whether they had found evidence that other, similar attacks had taken place, he said the initial findings of the investigation were “very interesting.” “They’re very interesting events and when you go deeper they become more interesting,” he said. He said he believed there were other so-called supply chain attacks like CCleaner, but declined to say whether his firm […]
