Cybersecurity

This posting is here to collect cyber security news in October 2022. I post links to security vulnerability news to comments of this article. You are also free to post related links to comments. →

Finnish bank hacking disaster: 150 data breaches, 53 frauds, loot of millions, a group of friends involved, bug has been on-line for months, allowed fraudent authentication to third party services (like medical records, taxes, etc.) On Tuesday, S-Pankki (S-bank) announced a vulnerability that occurred in the spring and summer when identifying with online banking credentials. →

I visited Embedded Conference Finland 2022 this week few days ago. Here are some picks from the cyber security info shown at conference. Embedded cyber security is a horizontal legal requirement in EU by end of 2024 Antti Tolvanen, Sales Director, Etteplan Post-quantum cryptography: The current status and future consequences Kimmo Järvinen, CTO, Xiphera Preparing →

This posting is here to collect cyber security news in September 2022. I post links to security vulnerability news to comments of this article. You are also free to post related links to comments. →

There has been several BWAIN PC hardware vulnerabilities published this summer. BWAIN is a short name for a Bug With An Impressive Name. BWAIN is an accolade that we hand out when a new cybersecurity flaw not only turns out to be interesting and important, but also turns up with its own logo, domain name →

Some critical systems aren’t exposed to the public internet and sit, apparently safely, in an isolated environment, air gapped from the rest of the world by a lack of internet connectivity. The integrity of the air gap is only maintained when the means of data transport in and out of the environment are equally subject →

This posting is here to collect cyber security news in August 2022. I post links to security vulnerability news to comments of this article. You are also free to post related links to comments. →

This posting is here to collect cyber security news in July 2022. I post links to security vulnerability news to comments of this article. You are also free to post related links to comments. →

Any device sporting a chip and some form of communications protocol can be hacked – that’s almost as strong a law as those governing gravity. Besides audio and video data, there are a number of parallel protocols in HDMI that transmit more information than we’d expect. There is I2C configuration data, HDCP (High-bandwidth Digital Content →

Critical side-channel vulnerabilities in modern processors became well known in 2018 with Meltdown and Spectre vulnerabilities. And several more same type vulnerabilities followed. Now the newest on this series is called Hertzbleed Attack. It is a a new family of side-channel attacks: frequency side channels. Hertzbleed takes advantage that, under certain circumstances, the dynamic frequency →