Tag: software

Storm on the Farm

DEF CON: Security Holes in Deere, Case IH Shine Spotlight on Agriculture Cyber Risk

A demonstration at DEF CON of glaring flaws in software by agricultural equipment giants John Deere and Case IH raise the specter of remote, software-based attacks that could cripple farms and impact US food production.

Hooded Hacker Concept Image

Spotting Hackers at the Pace of XDR – From Alerts to Incidents

Extended Detection and Response (XDR) technology is gaining traction within enterprises. But how can organizations handle the increased volume of alerts XDR systems produce? Samuel Jones, of cyber AI firm Stellar Cyber, discusses how embracing incident-based systems can reduce the analyst burden of XDR technology, enabling companies to spot and respond to attacks more quickly.

SolarWinds Hacked Image

What SolarWinds Tells Us About Securing the Software Development Supply Chain

The recent SolarWinds attack highlights an Achilles heel for enterprises: software updates for critical enterprise applications. Digital signing of code is one solution, but organizations need to modernize their code signing processes to prioritize security and integrity and align with DevOps best practices, writes Brian Trzupek the Senior Vice President of Products at DigiCert in this thought leadership article.

Huge Survey of Firmware Finds No Security Gains in 15 Years

A survey of more than 6,000 firmware images spanning more than a decade finds no improvement in firmware security and lax security standards for the software running connected devices by Linksys, NETGEAR and other major vendors.

Armis Urgent/11 Vulnerabilities Logo

Critical Flaws in VxWorks affect 200 Million Connected Things

Serious and exploitable security flaws in VxWorks, a commonly used operating system for embedded devices, span 13 years and could leave hundreds of millions* of connected devices vulnerable to remote cyber attacks and hacks. The security firm Armis on Monday published a warning about 11 critical, zero day vulnerabilities in the VxWorks operating system, which is owned and managed by the firm Wind River. The vulnerabilities expose more than 200 million devices and could allow attackers to remotely take control of everything from networked printers and security appliances to industrial and medical devices, according to Ben Seri, the Vice President of Research at Armis. Move over, EternalBlue! At least a couple of the flaws were described as “more serious” than EternalBlue, the Microsoft Windows flaw that powered both the WannaCry and NotPetya malware outbreaks. SCADA and industrial control system devices, healthcare devices like patient monitors and MRI machines, as well […]