Seeds of Destruction: Cyber Risk Is Growing in Agriculture
In this episode of the podcast (#213): Molly Jahn of DARPA and University of Wisconsin joins us to talk about the growing cyber risk to the Food and Agriculture sector, as industry consolidation and precision agriculture combine to increase...
Episode 212: China’s Stolen Data Economy (And Why We Should Care)
In this episode of the podcast (#212), Brandon Hoffman, the CISO of Intel 471 joins us to discuss that company’s latest report that looks at China’s diversified marketplace for stolen data and stolen identities.
The post Episode 212: China’s...
Deere John: Researcher Warns Ag Giant’s Site Provides a Map to Customers, Equipment
Software vulnerabilities in web sites operated by John Deere could allow a remote attacker to harvest information on the company’s customers including their names, physical addresses and the equipment they own. The revelation suggests the U.S. agriculture sector is...
Can Blockchain Solve Data’s Integrity Problem?
The rapid digitalization and automation of business processes makes data integrity critical, as low-quality data risks infecting automated business decision process. Authors Dan Geer and T. Mark Morley suggest that blockchain may offer one solution to the data integrity...
Episode 211: Scrapin’ ain’t Hackin’. Or is it?
In just the last two weeks, three of the world’s most prominent social networks have been linked to stories about data leaks. Troves of information on both Facebook and LinkedIn users – hundreds of millions of them – turned...
Episode 210: Moving The Goal Posts On Vendor Transparency: A Conversation With Intel’s Suzy Greenberg
In this episode of the podcast, Paul speaks with Intel Vice President Suzy Greenberg about a new survey by the Poneman Institute that shows how customers’ expectations are changing when it comes to vendor transparency about software vulnerabilities.
The...
Episode 209: Fortinet’s Renee Tarun on Scaling InfoSec To Meet Tomorrow’s Challenges
The information security industry needs both better tools to fight adversaries, and more people to do the fighting, says Fortinet Deputy CISO Renee Tarun in this interview with The Security Ledger Podcast’s Paul Roberts.
The post Episode 209: Fortinet’s...
Critical Flaws Found In Widely Used Netmask Open Source Library
An IP address parsing flaw in the netmask NPM module affects hundreds of thousands of applications that rely on it. But that may be just the tip of the iceberg, researchers warn.
The post Critical Flaws Found In Widely...
Critical Flaw Found In Widely Used Netmask Open Source Module
An IP address parsing flaw in the netmask NPM module affects hundreds of thousands of applications that rely on it. But that may be just the tip of the iceberg, researchers warn.
The post Critical Flaw Found In Widely...
Episode 208: Getting Serious about Hardware Supply Chains with Goldman Sachs’ Michael Mattioli
In this week’s Security Ledger Podcast, sponsored by Trusted Computing Group, we’re talking about securing the hardware supply chain. We’re joined by Michael Mattioli, a Vice President at Goldman Sachs who heads up that organization’s hardware supply chain security...
Episode 207: Sara Tatsis of Blackberry on finding and Keeping Women in Cyber
In this week’s episode of the podcast (#207) we speak with Sara Tatsis of the firm Blackberry about her 20 year career at the legendary mobile device maker and the myriad challenges attracting women to- and keeping them in...
Episode 207: Sarah Tatsis of BlackBerry on finding and Keeping Women in Cyber
In this week’s episode of the podcast (#207) we speak with Sara Tatsis of the firm Blackberry about her 20 year career at the legendary mobile device maker and the myriad challenges attracting women to- and keeping them in...
Encore Edition: Veracode CEO Sam King on Infosec’s Leaky Talent Pipeline
Women are more than 50% of the population, but barely 20% of the information security workforce. Why? In this encore podcast in honor of Women’s History Month, we revisit a 2019 interview with Veracode CEO Sam King to talk...
Futility or Fruition?Rethinking Common Approaches To Cybersecurity
The current approaches most organizations take towards security are not good enough, writes Albert Zhichun Li, the Chief Security Scientist at Stellar Cyber. Something has to change.
The post Futility or Fruition?Rethinking Common Approaches To Cybersecurity appeared first on The...
Episode 206: What Might A Federal Data Privacy Law Mean In the US?
In this episode of the podcast (#206): with movement towards passage of a federal data privacy law stronger than ever, we invite two experts in to the Security Ledger studio to talk about what that might mean for U.S....
Blessed are the cryptographers, labelling them criminal enablers is just foolish
Preserving privacy is hard. I know because when I tried, I quickly learned not to play with weapons Column Nearly a decade ago I decided to try my hand as a cryptographer. It went about as well as you...
Ransomware Gang Leaks Metropolitan Police Data After Failed Negotiations
The cybercrime syndicate behind Babuk ransomware has leaked more personal files belonging to the Metropolitan Police Department (MPD) after negotiations with the DC Police broke down, warning that they intend to publish all data ransom demands are not met.
"The...
NSA and ODNI analyze potential risks to 5G networks
U.S. Intelligence agencies warn of weaknesses in 5G networks that could be exploited by crooks and nation-state actors for intelligence gathering.
The U.S. National Security Agency (NSA), along with the DHS Cybersecurity and Infrastructure Security Agency (CISA), and the Office...
Alert: Hackers Exploit Adobe Reader 0-Day Vulnerability in the Wild
Adobe has released Patch Tuesday updates for the month of May with fixes for multiple vulnerabilities spanning 12 different products, including a zero-day flaw affecting Adobe Reader that's actively exploited in the wild.
The list of updated applications includes Adobe Experience Manager,...
Beijing twirls ban-hammer at 84 more apps it says need to stop slurping excess data
Online lending apps and more given fifteen days to ‘rectify’ behaviour China’s Central Cyberspace Affairs Commission has named 84 apps it says breach local privacy laws and given their developers 15 days to “rectify” their code.…
