Software Integrity Blog

Author Archive

Robert Vamosi

robertvamosi


Posts by Robert Vamosi:

 

Old malware creates new headaches for healthcare IT

A new study finds that old malware is actively being exploited in healthcare environments.

Continue Reading...

Posted in Medical Device Security | Comments Off on Old malware creates new headaches for healthcare IT

 

Why patching core open source libraries is only half the battle

On Tuesday, Talos, a division of Cisco, warned against three critical memory-related vulnerabilities that remain exploitable even after patching an open source component.

Continue Reading...

Posted in Open Source Security, Software Architecture and Design | Comments Off on Why patching core open source libraries is only half the battle

 

Lexus infotainment systems go dark after software glitch

Toyota confirmed on Thursday that infotainment and navigation systems on some Lexus models have shut down due to a software glitch.

Continue Reading...

Posted in Automotive Security, Internet of Things | Comments Off on Lexus infotainment systems go dark after software glitch

 

Podcast: The good and the bad of Heartbleed, Part 2

Two years after the vulnerability in OpenSSL known as Heartbleed there remain valuable lessons still to be learned both about how vulnerabilities are discovered and how the security community should respond.

Continue Reading...

Posted in Open Source Security, Software Architecture and Design | Comments Off on Podcast: The good and the bad of Heartbleed, Part 2

 

Russian bug bounty program to target government software

In a bid to harden government software in Russia, the government is discussing a possible bug bounty program.

Continue Reading...

Posted in Software Architecture and Design | Comments Off on Russian bug bounty program to target government software

 

Mozilla Funds Effort to Find Next Heartbleed

A new program, Secure Open Source, aims to discover and remediate serious vulnerabilities in common open source software.

Continue Reading...

Posted in Open Source Security, Software Architecture and Design | Comments Off on Mozilla Funds Effort to Find Next Heartbleed

 

Symantec announces anomaly detection for automotive

Maybe you’re not yet worried about a remote hacker disabling the brakes on your car, but anti-virus vendor Symantec has produced an anomaly detection system for automobiles that doesn’t require OEMs to install new hardware and claims to identify zero-day attacks.

Continue Reading...

Posted in Automotive Security | Comments Off on Symantec announces anomaly detection for automotive

 

Podcast: Billy Rios on the good and the bad of Heartbleed, Part 1

Two years after its disclosure, the vulnerability in OpenSSL known as Heartbleed remains significant. There are valuable lessons still to be learned both about how the vulnerability was initially discovered and how the security community has responded over time.

Continue Reading...

Posted in Fuzz Testing, Internet of Things, Open Source Security | Comments Off on Podcast: Billy Rios on the good and the bad of Heartbleed, Part 1

 

Researcher finds Mitsubishi Outlander can be remotely hacked

In response to new research, Mitsubishi is recommending that owners of its European Outlander model turn off the Wi-Fi system while it investigates potential vulnerabilities.

Continue Reading...

Posted in Automotive Security | Comments Off on Researcher finds Mitsubishi Outlander can be remotely hacked

 

Irongate attacks ICS Siemens Step 7 PLCs—Similar to Stuxnet

A new family of ICS-focused malware, dubbed Irongate, interferes with industrial process running within a simulated Siemens control system environment.

Continue Reading...

Posted in General | Comments Off on Irongate attacks ICS Siemens Step 7 PLCs—Similar to Stuxnet