AppSec

Kia’s Huge Security Hole: FIXED (Finally)

Richi Jennings | September 30, 2024 | Car Dealer, connected car security, Connected Cars, connected vehicle, Connected Vehicles, connected-car, Consumer IoT, Internet of things, Internet of Things (IoT), Internet of Things (IoT) Security, Internet of Things cyber security, iot, Kia, Korea, SB Blogwatch, South Korea, southkorea

Connected cars considered crud: Kia promises bug never exploited. But even 10-year-old cars were vulnerable ...

Security Boulevard

zero-trust, be, ZTA, architecture, security, Permiso, applications, zero-trust, ML, AI, zero-trust, access, zero-trust, PAM, zero-trust, ZTNA, migrating, backup data, zero-trust, security, zero-trust, business, policy container zero-trust ZTNA

Permiso Launches Universal Identity Graph to Advance Zero-Trust IT

Michael Vizard | September 19, 2024 | applications, IT, zero trust

Permiso today added a Universal Identity Graph engine that makes it simpler for cybersecurity teams to visually map the relationship between individuals, applications and systems to better enforce zero-trust IT policies ...

Security Boulevard

E2EE is MIA in iPhone/Android Chat — GSMA Gonna Fix it

Richi Jennings | September 18, 2024 | android, Apple, Apple iOS, Apple iPhone, china, E2EE, end-to-end, end-to-end encryption, google, Great Firewall of China, GSMA, iChat, imessage, ios, iOS 18, iPhone, iphone security, MLS, RCS, RCS protocol, SB Blogwatch, SMS, SMS messages

No More Barf-Green Bubbles? GSM Association is “excited” to bring Apple and Google closer together, but encryption is still lacking ...

Security Boulevard

Russian ‘WhisperGate’ Hacks: 5 More Indicted

Eaten by a GRU: Fake ransomware created by Russian GRU Unit 29155 attacked Ukraine and NATO—a month before the full scale invasion ...

Security Boulevard

China Cyberwar Coming? Versa’s Vice: Volt Typhoon’s Target

Richi Jennings | August 28, 2024 | CenturyLink, china, china espionage, China-linked Hackers, China-nexus cyber attacks, China-nexus cyber espionage, CVE-2024-39717, Lumen, Lumen Technologies, Peoples Republic of China, SB Blogwatch, Versa Director, Versa Neworks, VersaMem, Volt Typhoon

Xi whiz: Versa Networks criticized for swerving the blame ...

Security Boulevard

‘Terrorgram’ Telegram Terrorists Trash Transformers — Grid in Peril

Should’ve listened to Edison: After the arrest of Pavel Durov—the Telegram CEO—comes news of domestic extremists using the chat app to organize ...

Security Boulevard

Patch Tuesday not Done ’til LINUX Won’t Run?

Richi Jennings | August 21, 2024 | CVE-2022-2601, Dual boot, GRUB2 Bootloader Secure Boot Bypass, Linux, Microsoft, Microsoft Patch Tuesday August 2024, Microsoft Windows, Patch Tuesday, SB Blogwatch, SBAT, secure boot, Secure Boot Advanced Targeting, Windows

Redmond reboot redux: “Something has gone seriously wrong.” You can say that again, Microsoft ...

Security Boulevard

The word “Tuesday” in cutout paper letters on a textured background

August Patch Pileup: Microsoft’s Zero-Day Doozy Dump

Richi Jennings | August 14, 2024 | Adobe patch, august patch tuesday, CVE-2024-21302, CVE-2024-38106, CVE-2024-38107, CVE-2024-38178, CVE-2024-38189, CVE-2024-38193, CVE-2024-38199, CVE-2024-38200, CVE-2024-38202, CVE-2024-38213, Microsoft patch tuesday, Microsoft Patch Tuesday August 2024, Patch Tuesday, SB Blogwatch

See These CVEs: Patch Tuesday—ten zero-days, seven Critical vulns, zero time to waste ...

Security Boulevard

Student Devices Wiped — Mobile Guardian Hacked AGAIN

Richi Jennings | August 7, 2024 | Blackmail, cybersecurity education, Cybersecurity in education, DevOps Education, DevSecOps Education, MDM, Mobile Device Management (MDM), Mobile Guardian, Ransomware, SB Blogwatch, singapore

Hackers ate my homework: MDM software for schools is breached for second time this year—13,000 devices wiped in Singapore alone ...

Security Boulevard

TikTok Abuses Kids, say DoJ and FTC

Richi Jennings | August 5, 2024 | Bytedance, children, Children and smartphones, Children's Online Privacy Protection Act (COPPA), china, chinese government, Coppa, Privacy, SB Blogwatch, , spyware, TikTok, TikTok Ban, Won’t somebody think of the children?

For You Plague: U.S. Justice Dept. and Federal Trade Commission file lawsuit, alleging TikTok broke the COPPA law, plus a previous injunction ...

Security Boulevard

AppSec

Senator Sanders Wants to Own AI Companies — and Hand America’s Adversaries the Keys

NIST’s Nine: The PQC Signature Race Moves to Round Three

The Quantum Arms Race: Why Washington Just Wrote a $2 Billion Check to Nine Companies

Beyond Moore’s Law: The Hyper-Acceleration of Autonomous AI Cyber Capabilities

The Exception Economy: When Security Teams Stop Protecting and Start Negotiating

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

C2A Security’s EVSec Risk Management and Automation Platform Gains Traction in Automotive Industry as Companies Seek to Efficiently Meet Regulatory Requirements

Zama Raises $73M in Series A Lead by Multicoin Capital and Protocol Labs to Commercialize Fully Homomorphic Encryption

RSM US Deploys Stellar Cyber Open XDR Platform to Secure Clients

ThreatHunter.ai Halts Hundreds of Attacks in the past 48 hours: Combating Ransomware and Nation-State Cyber Threats Head-On