Schneier on Security

NOVEMBER 18, 2022

Time-triggered Ethernet (TTE) is used in spacecraft, basically to use the same hardware to process traffic with different timing and criticality. The result is PCspooF, an attack that allows a single non-critical device connected to a single plane to disrupt synchronization and communication between TTE devices on all planes. .

Hacking 249

Hacking 249

Security Boulevard

FEBRUARY 16, 2021

The first line of defense in functional safety is typically your coding standard. The post On Demand Webinar featuring Solid Sands | Safety and Security Critical Software: Start with the End in Mind appeared first on Security Boulevard. As a first step, automated testing is really important. Click below and schedule your demo.

Software 59

Software Technology 59

InfoWorld on Security

APRIL 9, 2024

Parasoft has launched a tool to enhance safety testing for C and C++ applications. The tool comes at a time when the two venerable programming languages have come under fire over safety concerns.

61

61

SecureBlitz

FEBRUARY 22, 2024

Here’s the internet safety rules checklist. As technology and life online take over, protecting ourselves and our information on the internet and social media has become more critical than ever. Wouldn’t a checklist […] The post Internet Safety Rules Checklist [MUST READ] appeared first on SecureBlitz Cybersecurity.

Internet 84

Internet Internet Media Data breaches 84

Security Boulevard

APRIL 22, 2024

Critical infrastructure like electrical, emergency, water, transportation and security systems are vital for public safety but can be taken out with a single cyberattack. How can cybersecurity professionals protect their cities?

Cybersecurity 69

Cybersecurity 69

The Hacker News

APRIL 3, 2024

Cyber Safety Review Board (CSRB) has criticized Microsoft for a series of security lapses that led to the breach of nearly two dozen companies across Europe and the U.S. by a China-based nation-state group called Storm-0558 last year.

98

98

Schneier on Security

JULY 27, 2022

Good essay arguing that open-source software is a critical national-security asset and needs to be treated as such: Open source is at least as important to the economy, public services, and national security as proprietary code, but it lacks the same standards and safeguards.

Software 289

Software Cybersecurity 289

The Last Watchdog

APRIL 22, 2024

Critical infrastructure like electrical, emergency, water, transportation and security systems are vital for public safety but can be taken out with a single cyberattack. Deadly exposure Securing critical infrastructure is crucial for the safety and comfort of citizens. Hackers irreversibly damage critical infrastructure.

Architecture 113

Architecture Internet Internet Risk 113

The Hacker News

NOVEMBER 10, 2021

As many as 13 security vulnerabilities have been discovered in the Nucleus TCP/IP stack, a software library now maintained by Siemens and used in three billion operational technology and IoT devices that could allow for remote code execution, denial-of-service (DoS), and information leak.

IoT 96

IoT Technology Software 96

Security Boulevard

MARCH 29, 2024

Given the criticality of enterprise IT products in our society today, we will likely see a combination of these two market influences work to reduce dangerous vulnerabilities and other […] The post Market Forces vs. Regulation: How to Drive IT Product Safety appeared first on Eclypsium | Supply Chain Security for the Modern Enterprise.

Marketing 64

Marketing Government 64

LRQA Nettitude Labs

APRIL 18, 2024

However, as AI systems become more complex and powerful, ensuring their safety becomes increasingly critical. In a ground-breaking move towards enhancing AI safety, MLCommons, an open collaboration-focused Artificial Intelligence engineering consortium, has unveiled the MLCommons AI Safety v0.5 The MLCommons AI Safety v0.5

Artificial Intelligence 57

Artificial Intelligence Risk Engineering 57

The Last Watchdog

AUGUST 29, 2023

It just means that, up to now, cybersecurity engineers and safety regulations have been remarkably successful at staying ahead of threats. This means that all avionics engineers had to ensure software on board planes was compliant and carefully tested for vulnerabilities and safety risks per DO-326A or ED-202A, no excuses, no alternatives.

Software 264

Software Risk Artificial Intelligence Engineering 264

IT Security Guru

JANUARY 25, 2024

Site safety briefings are an essential – and legally necessary – part of the onboarding process for any new starter on a construction site. Which begs the question: Are site safety briefings best delivered on-site or at home via online inductions ? Let’s discuss.

Software 116

Software Technology 116

Schneier on Security

JANUARY 8, 2021

Our insecure Internet infrastructure has become a critical national security risk­ — one that we need to take seriously and spend money to reduce. The market does not reward security, safety or transparency. The real question is why the US government bought such shoddy software for its critical networks.

Software 343

Software Government Internet Internet 343

Joseph Steinberg

AUGUST 16, 2021

Even if major essential service providers were to perfect their own cybersecurity operations, large numbers of smaller providers – sometimes functioning on just municipal scales – can still pose serious risks to life, health, safety, and property if they are not adequately protected against cyber threats.

Risk 246

Risk Cybersecurity Ransomware Artificial Intelligence 246

Security Boulevard

MARCH 26, 2024

Spoutible, the rapidly growing social media platform known for its commitment to fostering a safe, inclusive, and respectful online community, has taken a significant step forward in its mission to ensure user safety, security and data integrity.

Media 72

Media 72

Veracode Security

DECEMBER 7, 2023

December 9 marks two years since the world went on high alert because of what was deemed one of the most critical zero-day vulnerabilities ever: Log4Shell. Department of Homeland Security’s Cyber Safety Review Board determined that fully remediating Log4Shell would take a decade. The two-year anniversary of Log4Shell is a good…

138

138

The Hacker News

APRIL 6, 2023

Critical infrastructure attacks are a preferred target for cyber criminals. What is Critical Infrastructure and Why is It Attacked? Critical infrastructure is the physical and digital assets, systems and networks that are vital to national security, the economy, public health, or safety.

Government 89

Government 89

Centraleyes

FEBRUARY 22, 2024

It’s a proactive step in the right direction, considering the increasing cyberattacks on critical infrastructure. It was reassuring to know that the safety of drinking water wasn’t compromised, thanks to swift action and existing safeguards. Water facilities across the globe have been under siege by cybercriminals.

Cyber threats 52

Cyber threats Government Ransomware Authentication 52

Dark Reading

AUGUST 1, 2023

Businesses that develop business-, mission-, or safety-critical software must learn from previous victims of software supply chain attacks.

Software 80

Software 80

Google Security

DECEMBER 1, 2022

Posted by Jeffrey Vander Stoep For more than a decade, memory safety vulnerabilities have consistently represented more than 65% of vulnerabilities across products, and across the industry. From 2019 to 2022 the annual number of memory safety vulnerabilities dropped from 223 down to 85.

DNS 145

DNS Accountability Firmware Risk 145

Security Boulevard

MARCH 13, 2022

The MISRA C/C++ coding guidelines were created based on concerns about the ability to safely use the C and C++ programming languages in critical automotive systems. The post Accelerating Automotive Software Safety with MISRA C and SAST appeared first on Security Boulevard.

Software 98

Software 98

Security Boulevard

MARCH 13, 2022

Advanced Driver Assistance Systems (ADAS) are a key area of innovation in automotive electronics, but their potential improvement and positive impact on safety can only be realized with the same level of rigor as other safety-critical software.

Software 95

Software 95

The Hacker News

DECEMBER 7, 2022

Critical infrastructure is important for societal existence, growth, and development. Societies are reliant on the services provided by critical infrastructure sectors like telecommunication, energy, healthcare, transportation, and information technology. Critical infrastructure is made up of digital

Telecommunications 83

Telecommunications Healthcare Technology 83

CyberSecurity Insiders

JUNE 2, 2023

In May 2021, the hack infiltrated critical systems of the pipeline, resulting in its shutdown for several days. Critical Infrastructure Attacks Double According to the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), cyber-attacks against critical infrastructure in the United States have doubled since 2015.

Hacking 138

Hacking Cyber Attacks Engineering Cybersecurity 138

Graham Cluley

JULY 14, 2023

A federal grand jury has indicted a former employee of a contractor operating a California town's wastewater treatment facility, alleging that he remotely turned off critical systems and could have endangered public health and safety. Read more in my article on the Tripwire State of Security blog.

82

82

Threatpost

SEPTEMBER 4, 2019

The AK-EM 800 software from Danfoss centralizes alarm management, automatic data collection and food-quality reporting.

Data collection 60

Data collection Software Risk 60

CSO Magazine

APRIL 20, 2022

Why Securing our Critical Infrastructure Matters. Operational Technology (OT) remains a key, but vulnerable, technology for organizations with critical infrastructure. To read this article in full, please click here

Ransomware 108

Ransomware Technology Government 108

Security Boulevard

SEPTEMBER 9, 2022

It has never been more critical than it is today to get things right in terms of cloud safety and security when building new software. Yet many organizations are still suffering from massive breaches, vulnerabilities and supply chain attacks.

Software 119

Software Security Awareness Cybersecurity 119

The Security Ledger

MARCH 27, 2024

The auto industry fought calls for federal auto safety rules and requirements for decades, arguing that driver error and unsafe roads were responsible for accidents, not their vehicles. Since then, the auto industry’s tune on vehicle safety has done a 180 degree turn. Vehicle safety? million minor injuries, and $8.5

Software 52

Software Cyber Risk Risk Cybersecurity 52

The State of Security

MAY 31, 2021

The critical infrastructure of the United States includes all those systems and assets that are essential to the proper functioning, economy, health, and safety of American society. Critical Infrastructure: Addressing Cyber Threats and the Importance of Prevention appeared first on The State of Security. The post U.S.

Cyber threats 137

Cyber threats Financial Services Healthcare Mobile 137

Security Boulevard

OCTOBER 6, 2023

Explore the critical role of secrets security in the era of software-driven vehicles. From code leaks to supply chain vulnerabilities, read how safeguarding automotive software is paramount for consumer safety. The post Why Automotive Companies Must Prioritize Secrets Detection appeared first on Security Boulevard.

Software 64

Software 64

Security Affairs

SEPTEMBER 12, 2023

Software giant Adobe is warning of a critical security vulnerability in the PDF Acrobat and Reader that is actively exploited in the wild. Adobe Patch Tuesday security updates (APSB23-34) addressed a critical zero-day vulnerability actively exploited in the wild in attacks on Adobe Acrobat and Reader products.

Hacking 111

Hacking Software Information Security 111

CSO Magazine

JULY 21, 2021

The Department of Homeland Security's (DHS) Transportation Safety Administration (TSA) yesterday announced a second security directive that requires owners and operators of TSA-designated critical pipelines to implement cybersecurity measures that help protect against malicious digital incidents.

Cybersecurity 142

Cybersecurity Ransomware 142

Malwarebytes

FEBRUARY 19, 2022

US Senators Richard Blumenthal of Connecticut and Marsha Blackburn of Tennessee have introduced the Kids Online Safety Act (KOSA), legislation that aims to enhance children’s safety online. Big Tech has brazenly failed children and betrayed its trust, putting profits above safety.

Media 125

Media Telecommunications Accountability Advertising 125

Security Boulevard

JUNE 22, 2021

A recent blog post, “ Automotive software defects ”, from Phil Koopman, Carnegie Mellon professor and author of “ Better Embedded Software ”, talks about increasing number of software defects in automotive software that are significant safety hazards. The post contains a list of recent NHTSA safety recalls related to software defects.

Software 103

Software Manufacturing Risk Engineering 103

Security Boulevard

MARCH 12, 2022

Although originally intended for safety critical applications in the automotive market, it is being used in other areas such as medical and aerospace. MISRA C is a well-known and respected standard and it’s catching on in other markets.

Marketing 98

Marketing Software 98