Recent demonstrations of election hacks are about more than ballots. They also contain important lessons for enterprises, Security Ledger Editor in Chief Paul Roberts argues in this opinion piece. (Note: this post first appeared on Hitachi Systems Security* web site.)
In this week’s episode (#110): the second major flaw in Apache Struts 2 in as many years and has put the information security community on alert. But is this vulnerability as serious as the last, which resulted in the hack of the firm Equifax? We talk with an expert from the firm Synopsys. And: we’ve heard a lot about the risk of cyber attacks on the critical infrastructure used to generate and distribute electricity. But what would happen if someone figured out to how to hack electricity demand? The Internet of Things just might make that possible. We talk to a Princeton University researcher behind a paper that discusses how even small changes in demand can have big consequences for the grid.
Can consumer-owned self-driving cars like those being made by Tesla, BMW and Mercedes and others be secured from cyber attack? The hackers who famously commandeered a Jeep Cherokee using software attacks say they aren’t so sure.
Beating up on direct record electronic (DRE) voting machines has been popular sport in security circles for more than a decade. But is it a distraction from other, more present and dangerous threats to the integrity of elections? A growing body of evidence says “yes.”
In this Spotlight Edition of the Security Ledger Podcast: identity is at the root of many of the security problems facing the Internet of Things, from vulnerable and “chatty” endpoints to a lack of robust update and lifecycle management features. To figure out how we might start to build a more secure IoT ecosystem, we invited Judah Aspler, the Vice President of IoT Strategy at Certified Security Solutions, or CSS Security in to talk about how more agile PKI infrastructure is one element in scaling the Internet of Things without creating a giant security mess.
