The Security Ledger

While many organizations think the notion of keyboards, monitors and other hardware "spying" on them as the stuff of "James Bond" movies, Yossi Appleboum of Sepio Systems says that the threat is real - and much more common that either companies or consumers are aware.

The post Episode 195: Cyber Monday Super Deals Carry Cyber Risk appeared first...

Read the whole entry... »

Related Stories

• TV Maker TCL Denies Back Door, Promises Better Process
• Security Holes Opened Back Door To TCL Android Smart TVs
• Episode 188: Crowdsourcing Surveillance with Flock Safety

If you work within the security industry, compliance is seen almost as a dirty word. You have likely run into situations like that which @Nemesis09 describes below. Here, we see it’s all too common for organizations to treat testing compliance as a checkbox exercise and to thereby view compliance in a way that goes against its entire purpose....

Read the whole entry... »

Related Stories

• Episode 191: Shifting Compliance Left with Galen Emery of Chef
• Report: Critical Infrastructure Cyber Attacks A Global Crisis
• Podcast Episode 189: AppSec for Pandemic Times, A Conversation with GitLab Security VP Jonathan Hunt

A serious security flaw in a commonly used npm security module, private-ip, may affect hundreds of thousands of private and public applications.

The post Exploitable Flaw in NPM Private IP App Lurks Everywhere, Anywhere appeared first on The Security Ledger.

Related Stories

• TV Maker TCL Denies Back Door, Promises Better Process
• Security Holes Opened Back Door To TCL Android Smart TVs
• Podcast Episode 189: AppSec for Pandemic Times, A Conversation with GitLab Security VP Jonathan Hunt

Chinese electronics giant TCL has acknowledged security holes in some models of its smart television sets, but denies that it maintains a secret "back door" that gives it control over deployed TVs.

The post TV Maker TCL Denies Back Door, Promises Better Process appeared first on The Security Ledger.

Related Stories

• Security Holes Opened Back Door To TCL Android Smart TVs
• Podcast Episode 189: AppSec for Pandemic Times, A Conversation with GitLab Security VP Jonathan Hunt
• Episode 190: 20 Years, 300 CVEs. Also: COVID’s Lasting Security Lessons

Cyber attacks meant to disrupt the 2020 presidential election in the US were a foregone conclusion. But two weeks and more than 140 million votes later, predictions of cyber attacks on the U.S. presidential election have fallen flat. What happened?

The post Episode 194: What Happened To All The Election Hacks? appeared first on The Security Ledger.

Related Stories

• Spotlight Podcast: Taking a Risk-Based Approach to Election Security
• Episode 192: It’s Showtime! Are Local Governments Ready To Turn Back Election Hacks?
• Public Sector Mega-Vendor Tyler Technologies Says It Was Hacked

A report by independent researchers warns that TCL brand Android smart TVs contained serious and exploitable security holes. It also raises questions about the China-based electronics firm's ability to remotely access control deployed devices.

The post Security Holes Opened Back Door To TCL Android Smart TVs appeared first on The Security Ledger.

Related Stories

• Podcast Episode 189: AppSec for Pandemic Times, A Conversation with GitLab Security VP Jonathan Hunt
• Public Sector Mega-Vendor Tyler Technologies Says It Was Hacked
• “Boothole” Bootloader Flaw Breaks Security on Most Linux, Windows Devices