Notice Bored

OCTOBER 22, 2021

Most if not all developments involve information (requirements/objectives, specifications, plans, status/progress reports etc.) and potentially substantial information risks. As is the way with ISO27k, the trick is to focus on the information risks. What changes are needed first, and why?

Risk 80

Risk Firmware Software Information Security 80

Pen Test Partners

OCTOBER 9, 2023

There is no concrete method to follow as it will rely on contents of the decomposed design from Step 2, but typical examples might include the following: Intellectual property in the device firmware. Deploy malicious firmware. link] [link] Have a software/firmware update mechanism. Cryptographic keys on the device or pod.

IoT 52

IoT Firmware Mobile Manufacturing 52

ForAllSecure

APRIL 26, 2022

So there’s a need, a definite need, for information security professionals to have access to industrial control systems -- not virtual, but actual hands on systems -- so they can learn. In a moment I’ll introduce you to someone who is trying to do that--bring ICS equipment to security conferences.

Hacking 52

Hacking Energy and Utilities Manufacturing Firmware 52

Daniel Miessler

MAY 14, 2020

Keep your firmware and software updated. Turn on automatic updates, install updates from the operating system when you’re asked to, and make a regular habit of updating everything in your technology ecosystem. Keep all of your software and hardware religiously updated.

Risk 345

Risk Password Management Passwords Accountability 345

ForAllSecure

MAY 13, 2022

Vamosi: But as someone who wrote a book questioning the security of our mass produced IoT devices, I wonder why no one bothered to test and certify these devices before they were installed? So nothing to do with electronics whatsoever other than we sell, you know, technology products, right, and cameras and things like that.

Engineering 52

Engineering Energy and Utilities Computers and Electronics Firmware 52

ForAllSecure

FEBRUARY 22, 2023

Last year at Hacker Summer Camp I was invited to Mikko Hypponen’s book launch for If it’s Smart, It’s vulnerable. Whether it's finding a bug, whether it's for analyzing malware, it's just more of a like a compiler, it dooleys technology. And dealing with technology has new constraints. VAMOSI: I am not a gamer.

Engineering 40

Engineering Hacking Wireless Marketing 40

ForAllSecure

AUGUST 2, 2022

Anyone who has anyone in the information security community is usually melting under the hot Nevada sun. I write a monthly security column for Windows Secrets and I do a couple other things on the side. I've also written the book which I'll get to in a moment. This is a bytes and bullets. is or what it controls.

Hacking 40

Hacking Computers and Electronics InfoSec Software 40