Tag: The Security Ledger
Black Hat: Colin O’Flynn On Hacking An Oven To Make It Stop Lying
In this episode of the podcast, host Paul Roberts speaks with Colin O'Flynn, CTO and founder of the firm NewAE about his work to patch shoddy software on his home's electric oven - and the bigger questions about owners...
Spotlight Podcast: Are you ready for Threat Reconnaissance?
In this Spotlight podcast interview, David Monnier of Team Cymru talks about the evolution of the threat intelligence into actionable and target specific “threat reconnaissance.”
The post Spotlight Podcast: Are you ready for Threat Reconnaissance? first appeared on The Security...
Attacks on APIs demand a Security Re-Think
New threats demand that we transform the way we think about securing the endpoints. Case in point: APIs, writes Ross Moore.
The post Attacks on APIs demand a Security Re-Think appeared first on The Security Ledger with Paul F....
Episode 251: Kry10 CEO Boyd Multerer on building a secure OS for the IoT
In this episode of the podcast, host Paul Roberts speaks with Boyd Multerer, CEO of the firm Kry10 about the firm’s technology: a secure operating system for the Internet of Things and about how the challenges of managing modern,...
Is a DEF CON Village the right way to assess AI risk?
The AI industry is pointing to the AI Village at DEF CON as a venue for assessing cybersecurity risk. But is a "village" the best way to test AI risk? Experts have their doubts.
The post Is a DEF...
Researcher finds malicious packages lurked on npm for months
Researchers at ReversingLabs said they discovered two npm open source packages that contained malicious code linked to open source malware known as TurkoRat.
The post Researcher finds malicious packages lurked on npm for months appeared first on The Security...
Researcher: malicious packages lurked on npm for months
Researchers at ReversingLabs said they discovered two npm open source packages that contained malicious code linked to open source malware known as TurkoRat.
The post Researcher: malicious packages lurked on npm for months appeared first on The Security Ledger...
Episode 250: Window Snyder of Thistle on Making IoT Security Easy
In this episode of the podcast, I speak with Window Snyder, the founder and CEO of Thistle Technologies about the (many) security challenges facing Internet of Things (IoT) devices and her idea for making things better: Thistle’s platform for...
The surveys speak: supply chain threats are freaking people out
A bunch of recent surveys of IT and security pros send a clear message: threats and risks from vulnerable software supply chains are real, and they’re starting to freak people out.
The post The surveys speak: supply chain threats are...
Spotlight: Traceable CSO Richard Bird on Securing the API Economy
In this Spotlight episode of the Security Ledger podcast, I interview Richard Bird, the CSO of the firm Traceable AI about the challenge of securing application programming interfaces (APIs), which are increasingly being abused to steal sensitive data.
The post Spotlight: Traceable CSO Richard Bird...
Episode 249: Intel Federal CTO Steve Orrin on the CHIPS Act and Supply Chain Security
Paul speaks with Steve Orrin, the Federal CTO at Intel Corp about representing Intel and its technologies to Uncle Sam and the impact of the CHIPS Act a massive new federal investment in semiconductors.
The post Episode 249: Intel...
Malicious Automation is driving API Security Breaches
Removing the ability to automate against a vulnerable API is a huge step forward, as automation is a key enabler for both the exploitation and the extraction of large amounts of sensitive data.
The post Malicious Automation is driving API...
Spotlight: Making the Most of Cyber Threat Intelligence with Itsik Kesler of KELA
In this Spotlight episode of the Security Ledger podcast, I interview Itsik Kesler, the CTO of the threat intelligence firm Kela about the evolution of threat intelligence and findings from the company’s latest State of Cybercrime Threat Intelligence report.
The post Spotlight: Making...
Cyberattacks on Industrial Control Systems Jumped in 2022
Cyberattacks on industrial control systems (ICS) jumped in 2022, with an 87% jump in ransomware attacks and a 35% increase in the number of ransomware groups targeting industrial control and operational technology (OT) systems, according to a report by...
Forget the IoT. Meet the IoZ: our Internet of Zombie things
A school that never sleeps? Cameras that go dark? A dead company hacked back to life? Welcome to the growing Internet of Zombie devices that threatens the security of the Internet.
The post Forget the IoT. Meet the IoZ:...
From Watering Hole to Spyware: EvilBamboo Targets Tibetans, Uyghurs, and Taiwanese
Tibetan, Uyghur, and Taiwanese individuals and organizations are the targets of a persistent campaign orchestrated by a threat actor codenamed EvilBamboo to gather sensitive information.
"The attacker has created fake Tibetan websites, along with social media profiles, likely used to deploy browser-based...
In-the-Wild Exploitation Expected for Critical TeamCity Flaw Allowing Server Takeover
A critical vulnerability in the TeamCity CI/CD server could allow unauthenticated attackers to execute code and take over vulnerable servers.
The post In-the-Wild Exploitation Expected for Critical TeamCity Flaw Allowing Server Takeover appeared first on SecurityWeek.
Predator Spyware Delivered to iOS, Android Devices via Zero-Days, MitM Attacks
Predator spyware delivered to iPhones and Android devices using iOS and Chrome zero-day vulnerabilities and MitM attacks.
The post Predator Spyware Delivered to iOS, Android Devices via Zero-Days, MitM Attacks appeared first on SecurityWeek.
BEC Scammer Pleads Guilty to Part in $6m Scheme
Nigerian was extradited to the US from Canada
Researchers Spot Novel “Deadglyph” Backdoor
Malware is linked to UAE-backed spies
