Major vulnerability patched in the EU’s eIDAS authentication system

European authorities have released today a patch for the eIDAS system. The patch fixes two security flaws that could allow an attacker to pose as any EU citizen or business during official transactions. eIDAS stands for electronic IDentification, Authentication and trust Services. It is a Read More …

Uncovering IoT Threats in the Cybercrime Underground

Amid the growth of the internet of things (IoT), manufacturers and integrators are testing the limits of how the technology can be applied, as seen in how new forms of connected devices are hitting the market. Some applications play critical Read More …

Popular SoC Boards Have An Unpatchable Security Flaw, Leaving Many Automotive, Industrial And Military Components At Risk

Researchers conducting a routine security audit recently discovered two serious security flaws within a popular brand of System on a Chip (SoC) boards. The security vulnerability undermines secure boot capabilities. What’s most concerning is the fact that the SoC is Read More …

Cyberattack warning to small plane owners: How your aircraft could be vulnerable

The alert from the DHS critical infrastructure computer emergency response team. warns that modern flight systems are vulnerable to hacking if a person manages to gain unrestricted access to an aircraft. The alert also recommends that small plane owners restrict unauthorized physical Read More …

Critical Rockwell Automation Bug in Drive Component Puts IIoT Plants at Risk

A critical Rockwell Automation flaw could be exploited to manipulate an industrial drive’s physical process and or even stop it. A critical denial-of-service (DoS) vulnerability has been found in a Rockwell Automation industrial drive, which is a logic-controlled mechanical component Read More …

ASD reveals rules for keeping vulnerabilities secret

The Australian Signals Directorate (ASD) has quietly published its process for deciding when knowledge of cybersecurity vulnerabilities is kept secret. This is the first official acknowledgement that the ASD might not disclose all of the vulnerabilities it discovers. However, knowledge Read More …

Siemens Warns of Critical Remote-Code Execution ICS Flaw

Siemens has released 16 security advisories for various industrial control and utility products, including a warning for a critical flaw in the WibuKey digital rights management (DRM) solution that affects the SICAM 230 process control system. SICAM 230 is used for a Read More …