https://www.securityweek.com/google-intros-slsa-framework-enforce-supply-chain-integrity The U.S. tech giant this week unveiled SLSA (Supply chain Levels for Software Artifacts), a new end-to-end framework the company hopes will drive the enforcement of standards and guidelines for ensuring the integrity of software artifacts throughout the software supply chain. The long-term goal is for SLSA to support the automatic creation of auditable […]
https://securityaffairs.co/wordpress/119051/cyber-crime/unc2465-supply-chain-attack.html An affiliate of the Darkside ransomware gang, tracked as UNC2465, has conducted a supply chain attack against a CCTV vendor, Mandiant researchers discovered. UNC2465 is considered one of the main affiliates of the DARKSIDE group, along with other affiliate gangs tracked by FireEye/Mandiant as UNC2628 and UNC2659. The crooks compromised the website of the […]
ANOM – Compromise the Insider, Compromise the Network, Compromise the Asset. Read how a single compromised device can infect your whole organisation. https://www.cbsnews.com/news/anom-app-fbi-criminals-messaging-app/
Blueskytec are proud to have been selected by Schneider Electric as strategic partners in securing the UK/US Critical National Infrastructure. This strategic partnership leverages the Blueskytec Key Space Technology™ Zero Trust Architecture technology into industrial systems including energy distribution, renewables, smart cities, and many other areas of global interest for Schneider Electric. We are […]
Hackers attacked an unnamed university using the school’s IoT devices, including the vending machines and smart light bulbs. The issue was only discovered following increasing complaints from students and faculty about slow network connections. A review by a Verizon research team revealed over 5000 hacked IoT devices were slowing the network by making seafood-related DNS […]
The NotPetya malware attack will cost TNT, a Dutch logistics company recently acquired by FedEx, an estimated $30 million. TNT was not the only victim, with Danish shipping company Maersk and British consumer goods firm Reckitt Benckiser also announcing significant losses as a result of the attack. Read the full story here.
Researchers from the University of Edinburgh have revealed the vulnerabilities of Fitbit devices, as modifications made to the Flex and One models allowed them to access encrypted information. While Fitbit has now updated its software to fix this issue, the study highlights the potential security weaknesses of wearables and other IoT devices. See the full […]
US Senators from both parties have proposed a bill acknowledging the increased cyber security risk Internet of Things devices pose. The proposed bill aims to govern the cyber security requirements for IoT devices used by government agencies. For more information see here.
Hackers accessed data at a North American casino by targeting its high-tech fish tank. While the tank’s internet connection was intended to facilitate automatic adjustment of temperature and salinity, hackers used the connection to steal over 10 gigabytes of data. Read the full story here.