In this week’s Security Ledger Podcast (#87) we speak with Priscilla Moriuchi of the firm Recorded Future about China’s efforts to cover up delays in publishing information on serious and exploitable software security holes. Joe Slowick of the firm Dragos Security joins us to talk about the hacking groups targeting industrial control systems and Ken Munro of the firm Pen Test Partners tells us why the UK’s new report on securing the Internet of Things isn’t worth the paper it’s written on.
The UK government released a draft report calling for a “fundamental shift” in the approach to securing Internet of Things devices. One prominent UK security researcher is unimpressed, however, calling the effort toothless.
Equifax on Thursday disclosed that 2.4 million additional customers had information stolen in a 2017 cyber attack. The company said it overlooked the victims in prior forensic analysis of the incident.
Consumer advocates and proponents of right to repair laws in 17 states have a new enemy to worry about. The Security Innovation Center, with backing of powerful tech industry groups, is arguing that letting consumers fix their own devices will empower hackers.*
Software giant Microsoft has added its voice to a growing chorus calling for the creation of a federal cybersecurity agency to coordinate the U.S. government’s response to nation-state and cyber criminal threats.
