Hot Topics

IoT and ICS Security

IOT and ICS Security

What is SIM Swapping? How It’s Driving Fraud in Telecommunications

| | biometrics, fraud prevention, Identity Verification
The rising prevalence of SIM swapping incidents underscores the need for more robust identity proofing processes and enhanced security measures in the telecommunications industry ...
AuthenticID

Security Vulnerability in Saflok’s RFID-Based Keycard Locks

| | Cybersecurity, Hacking, hotels, Internet of things, locks, Uncategorized, Vulnerabilities
It’s pretty devastating: Today, Ian Carroll, Lennert Wouters, and a team of other security researchers are revealing a hotel keycard hacking technique they call Unsaflok. The technique is a collection of security ...
Schneier on Security

Unsafelok Threat Highlights It’s About Both IoT Devices and Applications

| | Blog, cyber, iot, remediation, Vulnerabilities
IoT devices and applications exist all over the place, and in high volume.  Today’s news brought yet another example of how the scale of IoT systems leads to the conclusion that their ...
Viakoo, Inc
Public washroom faucets

EPA and White House Raise Alarm on Water Cybersecurity

| | Critical Infrastructure, critical infrastructure assets, critical infrastructure attack, Critical Infrastructure Cyber security, Critical Infrastructure Cybersecurity, Drinking Water, Environmental Protection Agency, EPA, ICS, operational technologies, OT, public water systems, SB Blogwatch, wastewater, water, water distribution systems, Water industry, water infrastructure, White House
Iran and China fingered: Biden admin. chides governors: Water infra. lacks “even basic cybersecurity precautions.” ...
Security Boulevard

Drones and the US Air Force

| | Defense, Department of Defense, drones, economics of security, Uncategorized, War
Fascinating analysis of the use of drones on a modern battlefield—that is, Ukraine—and the inability of the US Air Force to react to this change. The F-35A certainly remains an important platform ...
Schneier on Security
Two stacks of money on top of a white table.

Google Splashes the Cash in Bug Bounty Bonanza: $59 Million to Date

| | alphabet, bounty, bug bounty, bug bounty program, bugbounty, ethical hacker, ethical hackers, ethical hacking, google, SB Blogwatch, Vulnerability Rewards Program (VRP), white hat, white hat hacker, white hat hackers, White Hat Security, White Hats, WhiteHat, whitehat hackers, WhiteHat Security
Wanna be a VRP VIP? Last year, $GOOG paid $10 million to ethical hackers for finding vulnerabilities ...
Security Boulevard
Director of the Cybersecurity and Infrastructure Security Agency, Jen Easterly

Irony of Ironies: CISA Hacked — ‘by China’

| | china, china espionage, Chinese, Chinese Communists, Chinese drive-by attack, chinese government, chinese hacker, Chinese hackers, Chinese state-sponsored hacking group, Chinese Threat Actors, CIRCIA, cisa, CISA.gov, CVE-2023-46805, CVE-2024-21887, CVE-2024-21893, Cyber Security and Infrastructure Security Agency, Cybersecurity & Infrastructure Security Agency, Cybersecurity and Infrastructure Agency, Data Stolen By China, federal agency, Ivanti, Ivanti Connect Secure, Ivanti Policy Secure, Ivanti security, Ivanti Vulnerabilities, Ivanti Zero day vulnerability, Ligolo, Magnet Goblin, NerbianRAT, NSA/CISA, Peoples Republic of China, SB Blogwatch, Volt Typhoon, WARPWIRE
Free rides and traffic jams: U.S. Cybersecurity and Infrastructure Security Agency penetrated in February, via vuln in Ivanti ...
Security Boulevard

Emerging Trends in Embedded Linux IoT Security

| | embedded linux, Embedded Linux IoT Security, iot, Live Patching Education, Trends in Embedded Linux IoT
Mitigating potential vulnerabilities requires proactive measures due to the complexity of embedded Linux IoT devices The use of containerization and virtualization reduces the attack surface and minimizes the impact of security breaches ...
TuxCare
LLM firewall AI

Cloudflare Unveils a Firewall Designed to Keep LLMs Safe

| | CloudFlare, firewall, Generative AI risks, LLMs
Cloudflare wants to help organizations wall off their large-language models (LLMs) from cyberthreats and give enterprises an AI framework to ward off risks, many of which are themselves based on the emerging ...
Security Boulevard
Phobos ransomware CISA

CISA Warns Phobos Ransomware Groups Attacking Critical Infrastructure

| | cisa, Critical Infrastructure Security, Phobos, Ransomware
Phobos, a complex ransomware-as-a-service (RaaS) operation that has been around for five years and is includes multiple variants, continues to target a range of critical infrastructure in the United States, including education, ...
Security Boulevard
Load more

Secure Guardrails