Encore Podcast: Chris Valasek on Hacking The Jeep Cherokee
With Black Hat and DEFCON upon us, we revisit a 2015 interview with Chris Valasek about his wireless, software based hack of a Chrysler Jeep Cherokee.
The post Encore Podcast: Chris Valasek on Hacking The Jeep Cherokee appeared first...
As Mobile Fraud Rises, The Password Persists
A new study released by Incognia that measures user friction in mobile financial apps yields important results about the fate of the password.
The post As Mobile Fraud Rises, The Password Persists appeared first on The Security Ledger with Paul...
Spotting Hackers at the Pace of XDR – From Alerts to Incidents
Extended Detection and Response (XDR) technology is gaining traction within enterprises. But how can organizations handle the increased volume of alerts XDR systems produce? Samuel Jones, of cyber AI firm Stellar Cyber, discusses how embracing incident-based systems can reduce...
Episode 221: Biden Unmasked APT 40. But Does It Matter?
Andrew Sellers, the Chief Technology Officer at QOMPLX joins us to unpack the revelations this week about APT 40, the Chinese group that the US has accused of a string of attacks aimed at stealing sensitive trade secrets. Also:...
Encore Podcast: Is Autonomous Driving Heading for a Crash?
Elon Musk is a big fan of his company’s Fully Self Driving software. But is it safe? In this encore edition of the podcast from 2018, we speak with Beau Woods of The Atlantic Council about the risks of...
At Pride Summit: A Warning On Cyber Literacy
Poor cyber literacy is at the root of many of the cybersecurity problems plaguing the U.S. economy, according to Dr. Alissa Abdullah, Deputy CSO at MasterCard.
The post At Pride Summit: A Warning On Cyber Literacy appeared first on...
Episode 220: Unpacking The Kaseya Attack And Securing Device Identities on the IoT
In this episode of the podcast, sponsored by Trusted Computing Group we dig deep on this week’s ransomware attack on the Kaseya IT management software with Adam Meyers of CrowdStrike and Frank Breedijk of the Dutch Institute of Vulnerability...
Episode 219: LGBTQ+Cyber – A Pride Month Conversation On Being Queer In Infosec
In this week’s episode of the podcast (#219) we speak with four cybersecurity professionals about what it means to be Queer in the industry: their various paths to the information security community, finding support among their peers and the...
Episode 218: Denial of Sustenance Attacks -The Cyber Risk To Agriculture
Forget about Colonial Pipeline and JBS. A coordinated cyber attack on U.S. agriculture could, in short order, lead to foot shortages and hunger in the U.S. and abroad. And history has shown us that when food gets scarce, things...
Episode 217: What Fighting Pirates Teaches Us About Ransomware
Criminal gangs swoop in on unsuspecting merchants to seize their goods. Behind the scenes, rival nations turn a blind eye or offer them safe harbor, in exchange for cooperation. Sound familiar? It should.
The post Episode 217: What Fighting...
Episode 216: Signed, Sealed and Delivered: The Future of Supply Chain Security
In this episode of the podcast (#216), sponsored by Digicert, we talk with Brian Trzupek, Digicert’s Vice President of Product, about the growing urgency of securing software supply chains, and how digital code signing can help prevent compromises like the...
What SolarWinds Tells Us About Securing the Software Development Supply Chain
The recent SolarWinds attack highlights an Achilles heel for enterprises: software updates for critical enterprise applications. Digital signing of code is one solution, but organizations need to modernize their code signing processes to prioritize security and integrity and align...
Episode 215-2: Leave the Gun, Take the McFlurry
In part II of our interview with Jeremy O’Sullivan of the IoT startup Kytch. We hear about how what Kytch revealed about Taylor’s soft ice cream hardware put him at odds with the company and its long-time partner: McDonald’s....
The SOC Hop Needs to be a Relic of the Past
Overworked, understaffed teams constantly jumping from one fire to the next - exhausted and reactive to events and alerts. The “SOC hop” is not sustainable.
The post The SOC Hop Needs to be a Relic of the Past appeared...
Episode 215-1: Jeremy O’Sullivan of Kytch On The Tech Serving McDonald’s Ice Cream Monopoly
Jeremy O’Sullivan, co-founder of the IoT analytics company, Kytch brings us the cautionary tale of his company’s travails with the commercial ice cream machine manufacturer, Taylor, whose equipment is used by the likes of Burger King and McDonalds.
The...
Google Patches High-Risk Android Security Flaws
Google this week pushed out a security-themed Android update with fixes for more than 30 security flaws that expose mobile users to a range of malicious hacker attacks.
The latest Android update provides documentation on 33 security bugs, some serious...
Mismanagement Driving Cybersecurity Skills Gap: Research
“To some extent, this data supports the theory that the cybersecurity skills shortage is related to mismanagement rather than a dearth of qualified candidates or advanced skills.”
read more
Linux Kernel Security Done Right
Posted by Kees Cook, Software Engineer, Google Open Source Security TeamTo borrow from an excellent analogy between the modern computer ecosystem and the US automotive industry of the 1960s, the Linux kernel runs well: when driving down the highway,...
Raccoon Stealer Bundles Malware, Propagates Via Google SEO
An update to the stealer-as-a-service platform hides in pirated software, pilfers crypto-coins and installs a software dropper for downloads of more malware.
SAP Customer Survey Reveals False Sense of Security
Many SAP customers have a false sense of security, according to a new report from risk management consultancy Turnkey Consulting and business-critical application security firm Onapsis.
The SAP Security Survey Report 2021 is based on information from over 100 SAP...
