IOT and ICS Security
Robot Dog Internet Jammer
Bruce Schneier | | Denial of Service, DHS, Internet of things, law enforcement, robotics, Uncategorized
Supposedly the DHS has these: The robot, called “NEO,” is a modified version of the “Quadruped Unmanned Ground Vehicle” (Q-UGV) sold to law enforcement by a company called Ghost Robotics. Benjamine Huffman, ...
OT/ICS and IoT Incident Response Plan
What is an Incident Response Plan? Modern-day enterprises experience cybersecurity threats and risks are a part of everyday business. Therefore, protecting business assets requires pre-emptive and proactive measures, and IRP is one ...
CrowdStrike Admits it Doesn’t ‘Canary’ Test all Updates
Richi Jennings | | canary deployment, CrowdStrike, CrowdStrike Falcon, CrowdStrike Falcon XDR, Downtime and outages, outage, Outage Investigation, SB Blogwatch
Corporate incompetence: Beleaguered security firm issues initial post-mortem on Friday’s faux pas ...
Security Boulevard
‘Blast-RADIUS’ Critical Bug Blows Up IT Vacation Plans
Richi Jennings | | blast radius, collision-based-hashing-algorithm-disclosure, CVE-2024-3596, hash, hash algorithms, hash function, hash functions, Man In The Middle, man in the middle attack, man in the middle attacks, maninthemiddleattacks, md5 hash, men-in-the-middle attack, mitm, MitM Attack, mitm attacks, RADIUS, SB Blogwatch
MD5 MITM Muddle: Ancient, widely used protocol has CVSS 9.0 vulnerability ...
Security Boulevard
Biggest Ever Password Leak — but is ObamaCare’s RockYou2024 Really NEW?
Richi Jennings | | credentials, Cybersecurity, Malware, ObamaCare, Passkeys, passwords, rockyou2021, RockYou2024, SB Blogwatch
Credential crunch: Ten billion plain-text passwords in a file—sky falling or situation normal? ...
Security Boulevard
IoT Vulnerabilities and BotNet Infections: What Executives Need to Know
Aaron Wise | | Digital Executive Protection, Executive Online Protection, Internet of things, Vulnerabilities
The Internet of Things (IoT) has revolutionized the way we interact with technology. From smart homes to connected cars, IoT devices have permeated every aspect of our lives. However, the proliferation of ...
‘Perfect 10’ Apple Supply Chain Bug — Millions of Apps at Risk of CocoaPods RCE
Richi Jennings | | App Sec & Supply Chain Security, Apple, Apple iOS, AppSec & Supply Chain Security, CocoaPods, CVE-2024-38366, CVE-2024-38368, dependencies, dependency injection, Dependency Management, macos, macOS Security, Modern Software Supply Chains, Open Source and Software Supply Chain Risks, open source software supply chain, open source software supply chain security, SB Blogwatch, software dependencies, Supply-Chain Insecurity, third-party dependencies, trust dependencies
Tim looks grim: 10 year old vulnerabilities in widely used dev tool include a CVSS 10.0 remote code execution bug ...
Security Boulevard
Passkeys: The Future of Passwordless Authentication
Deepak Gupta - Tech Entrepreneur, Cybersecurity Author | | AI (Artificial Intelligence), biometrics, Innovation, Password, password manager, passwordless, security
Say goodbye to passwords! Passkeys are the next generation of authentication, offering enhanced security and convenience. Learn how passkeys work, their benefits over passwords, and why they are the future of secure ...
The Impending Identity Crisis Of Machines: Why We Need To Secure All Non-Human Identities, From Genai To Microservices And IOT
Ravishankar Chamarajnagar | | api, application programming interfaces, Artificial Intelligence, iam, identity and access management, Identity-First Security, iot, machine identity management, machine learning, non-human identity
The digital landscape is no longer solely populated by human actors. Lurking beneath the surface is a silent legion – non-human or machine identities . These non-human identities encompass computers, mobile devices, ...
ASUS Router User? Patch ASAP!
Richi Jennings | | Asus, Attacking Routers, CVE-2024-3079, CVE-2024-3080, CVE-2024-3912, firmware, firmware attacks, firmware patch, firmware security, firmware update, Firmware Updates, Firmware Vulnerabilities, firmware vulnerability, flawed routers, IoT firmware, Malicious Firmware Updates, router, router compromise, router exploit, router hacking, router hijacking, router malware, router security, router vulnerabilities, router vulnerability, SB Blogwatch
Or junk it if EOL: Two nasty vulnerabilities need an update—pronto ...
Security Boulevard