OT Security

This week we welcome Ed Skoudis to talk about the holiday hack challenge (https://sans.org/HolidayHack). In the security news: Oh Asus Dashcam botnets Weird CVEs being issued CodeRED, but not the worm Free IP checking Internet space junk and IoT Decade old Linux kernel vulnerabilities Breaking out of Claude code Malicious LLMs Hacker on a plan ge...

Axis Communications has become the first major surveillance camera manufacturer to sign the Cybersecurity and Infrastructure Security Agency's Secure by Design pledge, according to Cybersecurity Dive.

The document outlines four key principles to follow when considering AI use in OT.

South Korea's National Police Agency has announced the arrest of four individuals accused of breaching over 120,000 network-connected home and business cameras as part of a sexploitation scheme, the BBC reports.

DefenseScoop reports that the U.S. Department of Defense has introduced new guidelines for implementing zero-trust security in operational technology systems.

Malware has been spread in a recent update of the widely used open-source SmartTube YouTube client for Android TV after its developer's signing keys were compromised last week, reports BleepingComputer.

For OT systems, uptime is paramount. That's a hard rule that makes maintaining, upgrading, and securing them a complex struggle. Tomas "Data" Owens and James Cotter discuss how Tennessee is tackling the organizational and technical challenges that come with hardening OT systems across the state. Those challenges range from old technology (like RS-2...

In the security news: Cloudflare was down, it was not good Logitech breached The largest data breach in history? Fortinet Fortiweb - the saga continues Hacking Linux through your malware scanner, oh the irony I never stopped hating systemd The ASUS exploit that never existed If iRobot fails, can we deploy our own hacker bot army? Threat actors de...