Tag: critical infrastructure

Did Bloomberg get its story on a supply chain attack on motherboard maker Super Micro right?

Podcast Episode 115: Joe Grand on Unicorn Spotting and Bloomberg’s Supply Chain Story

Podcast: Play in new window | Download (Duration: 35:36 — 40.7MB)Subscribe: Android | Email | Google Podcasts | RSSIn this week’s episode (#115), noted hardware enthusiast and hacker Joe Grand (aka “Kingpin”) told reporters from Bloomberg that finding an in-the-wild supply chain hack implanting malicious hardware on motherboards was akin to witnessing “a unicorn jumping over a rainbow.” They went with their story about just such an attack anyway. Joe joins us in the Security Ledger studios to talk about whether Bloomberg got it right. Also, Adam Meyers of Crowdstrike comes into the studio to talk about the U.S. Department of Justice indictment of seven Russian nationals. Adam talks about the hacks behind the charges and what comes next.

Electronic voting machines have been shown to be vulnerable to hackers.

Opinion: The Corporate Lessons of Election Hacks

Recent demonstrations of election hacks are about more than ballots. They also contain important lessons for enterprises,  Security Ledger Editor in Chief Paul Roberts argues in this opinion piece. (Note: this post first appeared on Hitachi Systems Security* web site.)

Podcast Episode 110: Why Patching Struts isn’t Enough and Hacking Electricity Demand with IoT?

Podcast Episode 110: Why Patching Struts isn’t Enough and Hacking Electricity Demand with IoT?

Podcast: Play in new window | Download (Duration: 33:38 — 38.5MB)Subscribe: Android | Email | Google Podcasts | RSSIn this week’s episode (#110): the second major flaw in Apache Struts 2 in as many years and has put the information security community on alert. But is this vulnerability as serious as the last, which resulted in the hack of the firm Equifax? We talk with an expert from the firm Synopsys.  And: we’ve heard a lot about the risk of cyber attacks on the critical infrastructure used to generate and distribute electricity. But what would happen if someone figured out to how to hack electricity demand? The Internet of Things just might make that possible. We talk to a Princeton University researcher behind a paper that discusses how even small changes in demand can have big consequences for the grid.