Security Boulevard

FEBRUARY 16, 2021

The first line of defense in functional safety is typically your coding standard. The post On Demand Webinar featuring Solid Sands | Safety and Security Critical Software: Start with the End in Mind appeared first on Security Boulevard. As a first step, automated testing is really important. Click below and schedule your demo.

Software 57

Software Technology 57

The Hacker News

APRIL 3, 2024

Cyber Safety Review Board (CSRB) has criticized Microsoft for a series of security lapses that led to the breach of nearly two dozen companies across Europe and the U.S. by a China-based nation-state group called Storm-0558 last year.

92

92

LRQA Nettitude Labs

APRIL 18, 2024

However, as AI systems become more complex and powerful, ensuring their safety becomes increasingly critical. In a ground-breaking move towards enhancing AI safety, MLCommons, an open collaboration-focused Artificial Intelligence engineering consortium, has unveiled the MLCommons AI Safety v0.5 The MLCommons AI Safety v0.5

Artificial Intelligence 58

Artificial Intelligence Risk Engineering 58

Schneier on Security

JULY 27, 2022

Good essay arguing that open-source software is a critical national-security asset and needs to be treated as such: Open source is at least as important to the economy, public services, and national security as proprietary code, but it lacks the same standards and safeguards.

Software 279

Software Cybersecurity 279

Security Boulevard

MARCH 29, 2024

Given the criticality of enterprise IT products in our society today, we will likely see a combination of these two market influences work to reduce dangerous vulnerabilities and other […] The post Market Forces vs. Regulation: How to Drive IT Product Safety appeared first on Eclypsium | Supply Chain Security for the Modern Enterprise.

Marketing 62

Marketing Government 62

The Last Watchdog

AUGUST 29, 2023

It just means that, up to now, cybersecurity engineers and safety regulations have been remarkably successful at staying ahead of threats. This means that all avionics engineers had to ensure software on board planes was compliant and carefully tested for vulnerabilities and safety risks per DO-326A or ED-202A, no excuses, no alternatives.

Software 264

Software Risk Artificial Intelligence Engineering 264

The Hacker News

NOVEMBER 10, 2021

As many as 13 security vulnerabilities have been discovered in the Nucleus TCP/IP stack, a software library now maintained by Siemens and used in three billion operational technology and IoT devices that could allow for remote code execution, denial-of-service (DoS), and information leak.

IoT 91

IoT Technology Software 91

IT Security Guru

JANUARY 25, 2024

Site safety briefings are an essential – and legally necessary – part of the onboarding process for any new starter on a construction site. Which begs the question: Are site safety briefings best delivered on-site or at home via online inductions ? Let’s discuss.

Software 116

Software Technology 116

Security Boulevard

MARCH 26, 2024

Spoutible, the rapidly growing social media platform known for its commitment to fostering a safe, inclusive, and respectful online community, has taken a significant step forward in its mission to ensure user safety, security and data integrity.

Media 70

Media 70

Veracode Security

DECEMBER 7, 2023

December 9 marks two years since the world went on high alert because of what was deemed one of the most critical zero-day vulnerabilities ever: Log4Shell. Department of Homeland Security’s Cyber Safety Review Board determined that fully remediating Log4Shell would take a decade. The two-year anniversary of Log4Shell is a good…

138

138

Centraleyes

FEBRUARY 22, 2024

It’s a proactive step in the right direction, considering the increasing cyberattacks on critical infrastructure. It was reassuring to know that the safety of drinking water wasn’t compromised, thanks to swift action and existing safeguards. Water facilities across the globe have been under siege by cybercriminals.

Cyber threats 52

Cyber threats Government Ransomware Authentication 52

Dark Reading

AUGUST 1, 2023

Businesses that develop business-, mission-, or safety-critical software must learn from previous victims of software supply chain attacks.

Software 80

Software 80

The Hacker News

APRIL 6, 2023

Critical infrastructure attacks are a preferred target for cyber criminals. What is Critical Infrastructure and Why is It Attacked? Critical infrastructure is the physical and digital assets, systems and networks that are vital to national security, the economy, public health, or safety.

Government 84

Government 84

Security Boulevard

MARCH 13, 2022

The MISRA C/C++ coding guidelines were created based on concerns about the ability to safely use the C and C++ programming languages in critical automotive systems. The post Accelerating Automotive Software Safety with MISRA C and SAST appeared first on Security Boulevard.

Software 98

Software 98

Security Boulevard

MARCH 13, 2022

Advanced Driver Assistance Systems (ADAS) are a key area of innovation in automotive electronics, but their potential improvement and positive impact on safety can only be realized with the same level of rigor as other safety-critical software.

Software 95

Software 95

Graham Cluley

JULY 14, 2023

A federal grand jury has indicted a former employee of a contractor operating a California town's wastewater treatment facility, alleging that he remotely turned off critical systems and could have endangered public health and safety. Read more in my article on the Tripwire State of Security blog.

84

84

CyberSecurity Insiders

JUNE 2, 2023

In May 2021, the hack infiltrated critical systems of the pipeline, resulting in its shutdown for several days. Critical Infrastructure Attacks Double According to the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), cyber-attacks against critical infrastructure in the United States have doubled since 2015.

Hacking 138

Hacking Cyber Attacks Engineering Cybersecurity 138

The Security Ledger

MARCH 27, 2024

The auto industry fought calls for federal auto safety rules and requirements for decades, arguing that driver error and unsafe roads were responsible for accidents, not their vehicles. Since then, the auto industry’s tune on vehicle safety has done a 180 degree turn. Vehicle safety? million minor injuries, and $8.5

Software 52

Software Cyber Risk Risk Cybersecurity 52

The Hacker News

DECEMBER 7, 2022

Critical infrastructure is important for societal existence, growth, and development. Societies are reliant on the services provided by critical infrastructure sectors like telecommunication, energy, healthcare, transportation, and information technology. Critical infrastructure is made up of digital

Telecommunications 78

Telecommunications Healthcare Technology 78

Threatpost

SEPTEMBER 4, 2019

The AK-EM 800 software from Danfoss centralizes alarm management, automatic data collection and food-quality reporting.

Data collection 60

Data collection Software Risk 60

CSO Magazine

APRIL 20, 2022

Why Securing our Critical Infrastructure Matters. Operational Technology (OT) remains a key, but vulnerable, technology for organizations with critical infrastructure. To read this article in full, please click here

Ransomware 108

Ransomware Technology Government 108

Security Affairs

SEPTEMBER 12, 2023

Software giant Adobe is warning of a critical security vulnerability in the PDF Acrobat and Reader that is actively exploited in the wild. Adobe Patch Tuesday security updates (APSB23-34) addressed a critical zero-day vulnerability actively exploited in the wild in attacks on Adobe Acrobat and Reader products.

Hacking 117

Hacking Software Information Security 117

The State of Security

MAY 31, 2021

The critical infrastructure of the United States includes all those systems and assets that are essential to the proper functioning, economy, health, and safety of American society. Critical Infrastructure: Addressing Cyber Threats and the Importance of Prevention appeared first on The State of Security. The post U.S.

Cyber threats 137

Cyber threats Financial Services Healthcare Mobile 137

Security Boulevard

SEPTEMBER 9, 2022

It has never been more critical than it is today to get things right in terms of cloud safety and security when building new software. Yet many organizations are still suffering from massive breaches, vulnerabilities and supply chain attacks.

Software 117

Software Security Awareness Cybersecurity 117

Veracode Security

APRIL 23, 2024

Code security is still a critical concern in software development. However, this progress comes with a variety of security risks that threaten the integrity and safety of applications.… For instance, when GitHub Copilot generated 435 code snippets, almost 36% of them had security weaknesses, regardless of the programming language.

Risk 52

Risk Technology Software 52

Security Boulevard

OCTOBER 6, 2023

Explore the critical role of secrets security in the era of software-driven vehicles. From code leaks to supply chain vulnerabilities, read how safeguarding automotive software is paramount for consumer safety. The post Why Automotive Companies Must Prioritize Secrets Detection appeared first on Security Boulevard.

Software 62

Software 62

Malwarebytes

FEBRUARY 19, 2022

US Senators Richard Blumenthal of Connecticut and Marsha Blackburn of Tennessee have introduced the Kids Online Safety Act (KOSA), legislation that aims to enhance children’s safety online. Big Tech has brazenly failed children and betrayed its trust, putting profits above safety.

Media 132

Media Telecommunications Accountability Advertising 132

CSO Magazine

JULY 21, 2021

The Department of Homeland Security's (DHS) Transportation Safety Administration (TSA) yesterday announced a second security directive that requires owners and operators of TSA-designated critical pipelines to implement cybersecurity measures that help protect against malicious digital incidents.

Cybersecurity 142

Cybersecurity Ransomware 142

SecureWorld News

FEBRUARY 1, 2024

government conducted an extensive operation to disrupt a Chinese state-sponsored botnet that was being used to conceal attacks against American critical infrastructure organizations, the Justice Department announced this week. In December 2023, the U.S. It was controlled by a prolific Chinese hacking group tracked as Volt Typhoon.

Energy and Utilities 122

Energy and Utilities Government Hacking Malware 122

Zero Day

JUNE 7, 2022

The feature is useful but has its limitations in fighting domestic and intimate partner violence.

54

54

Security Boulevard

JUNE 22, 2021

A recent blog post, “ Automotive software defects ”, from Phil Koopman, Carnegie Mellon professor and author of “ Better Embedded Software ”, talks about increasing number of software defects in automotive software that are significant safety hazards. The post contains a list of recent NHTSA safety recalls related to software defects.

Software 100

Software Manufacturing Risk Engineering 100

Security Boulevard

MARCH 12, 2022

Although originally intended for safety critical applications in the automotive market, it is being used in other areas such as medical and aerospace. MISRA C is a well-known and respected standard and it’s catching on in other markets.

Marketing 98

Marketing Software 98

Google Security

OCTOBER 9, 2023

Many security-critical components of an Android system run in a “bare-metal” environment, outside of the Linux kernel, and these are historically written in C. We fixed the specific issues we found in U-Boot, but by leveraging Rust we can avoid these sorts of memory-safety vulnerabilities in future.

Firmware 138

Firmware Architecture Engineering 138

CSO Magazine

NOVEMBER 11, 2021

Security researchers have uncovered serious vulnerabilities in the TCP/IP stack of a real-time operating system (RTOS) called Nucleus that's used in safety-critical devices across many industry verticals.

Risk 131

Risk 131

Security Boulevard

APRIL 27, 2021

Automation, when done properly, can improve the productivity, quality, safety, and security in your software development. The post Why automation is critical for your software development appeared first on Software Integrity Blog. The post Why automation is critical for your software development appeared first on Security Boulevard.

Software 98

Software 98

Schneier on Security

SEPTEMBER 15, 2023

Then lay out the most salient criticisms of the book. Schneier argues for rational, ethical approaches to security aimed at genuine protection while avoiding violations of human rights in the name of safety. The summary is pretty accurate, and so are the criticisms. Prudence, transparency, and proportionality are essential.

Data collection 178

Data collection Risk Surveillance Manufacturing 178

CSO Magazine

SEPTEMBER 26, 2022

The new advisory builds on previous NSA/CISA guidance on stopping malicious ICS activity and reducing OT exposure , and comes as the cybersecurity risks surrounding OT and ICS continue to threaten to safety of data and critical systems. To read this article in full, please click here

Technology 110

Technology Cybersecurity Risk 110