IoT & ICS Security
![Apple CEO Tim Cook, looking grim](https://cdn.statically.io/img/securityboulevard.com/wp-content/plugins/pt-content-views-pro/public/assets/images/lazy_image.png)
‘Perfect 10’ Apple Supply Chain Bug — Millions of Apps at Risk of CocoaPods RCE
Richi Jennings | | App Sec & Supply Chain Security, Apple, Apple iOS, AppSec & Supply Chain Security, CocoaPods, CVE-2024-38366, CVE-2024-38368, dependencies, dependency injection, Dependency Management, macos, macOS Security, Modern Software Supply Chains, Open Source and Software Supply Chain Risks, open source software supply chain, open source software supply chain security, SB Blogwatch, software dependencies, Supply-Chain Insecurity, third-party dependencies, trust dependencies
Tim looks grim: 10 year old vulnerabilities in widely used dev tool include a CVSS 10.0 remote code execution bug ...
Security Boulevard
![Passkeys: The Future of Passwordless Authentication](https://cdn.statically.io/img/securityboulevard.com/wp-content/plugins/pt-content-views-pro/public/assets/images/lazy_image.png)
Passkeys: The Future of Passwordless Authentication
Deepak Gupta - Tech Entrepreneur, Cybersecurity Author | | AI (Artificial Intelligence), biometrics, Innovation, Password, password manager, passwordless, security
Say goodbye to passwords! Passkeys are the next generation of authentication, offering enhanced security and convenience. Learn how passkeys work, their benefits over passwords, and why they are the future of secure ...
![The Impending Identity Crisis Of Machines: Why We Need To Secure All Non-Human Identities, From Genai To Microservices And IOT](https://cdn.statically.io/img/securityboulevard.com/wp-content/plugins/pt-content-views-pro/public/assets/images/lazy_image.png)
The Impending Identity Crisis Of Machines: Why We Need To Secure All Non-Human Identities, From Genai To Microservices And IOT
Ravishankar Chamarajnagar | | api, application programming interfaces, Artificial Intelligence, iam, identity and access management, Identity-First Security, iot, machine identity management, machine learning, non-human identity
The digital landscape is no longer solely populated by human actors. Lurking beneath the surface is a silent legion – non-human or machine identities . These non-human identities encompass computers, mobile devices, ...
![An ASUS router, with superimposed text: “Patch ASUS ASAP”](https://cdn.statically.io/img/securityboulevard.com/wp-content/plugins/pt-content-views-pro/public/assets/images/lazy_image.png)
ASUS Router User? Patch ASAP!
Richi Jennings | | Asus, Attacking Routers, CVE-2024-3079, CVE-2024-3080, CVE-2024-3912, firmware, firmware attacks, firmware patch, firmware security, firmware update, Firmware Updates, Firmware Vulnerabilities, firmware vulnerability, flawed routers, IoT firmware, Malicious Firmware Updates, router, router compromise, router exploit, router hacking, router hijacking, router malware, router security, router vulnerabilities, router vulnerability, SB Blogwatch
Or junk it if EOL: Two nasty vulnerabilities need an update—pronto ...
Security Boulevard
![Forescout networking equipment IoT security risks](https://cdn.statically.io/img/securityboulevard.com/wp-content/plugins/pt-content-views-pro/public/assets/images/lazy_image.png)
Network Equipment, IoT Devices are Big Security Risks: Forescout
IT systems – and this year networking equipment in particular – continue to pose the most security risk for organizations, but it is the vulnerable Internet of Things (IoT) devices that are ...
Security Boulevard
IoT Security Means Remediation Not Mitigation
A topic that I recently got asked about was vulnerability mitigation for IoT systems, which shows that even within the security community there is still a belief that mitigation equals threat resolution. ...
Complete Guide to NIST CSF 2.0
In a world where threats lurk around every digital corner, cybersecurity has become the buzzword for organizations aiming to safeguard their assets, data, and reputation. In this pursuit, the NIST Cybersecurity Framework ...
Complete Guide to XIoT Security
The Extended Internet of Things (XIoT) is a comprehensive term covering all connected cyber-physical systems. It is not just the traditional “Internet of Things” (IoT) devices you might think of, like smart ...
![a USB drive](https://cdn.statically.io/img/securityboulevard.com/wp-content/plugins/pt-content-views-pro/public/assets/images/lazy_image.png)
A Major Industrial Cybersecurity Threat: Living off the Land Attacks
Nathan Eddy | | commercial infrastructure, CPS, Cyber-Physical Systems, Honeywell, ICS, industrial control systems, iot, living off the land, lotl, operational technology, USB
In “Living off the Land attacks,” adversaries use USB devices to infiltrate industrial control systems. Cyberthreats from silent residency attacks put critical infrastructure facilities at risk ...
Security Boulevard
![A small cabin in the middle of a forest](https://cdn.statically.io/img/securityboulevard.com/wp-content/plugins/pt-content-views-pro/public/assets/images/lazy_image.png)
‘Pumpkin Eclipse’ — 600,000+ Rural ISP Routers Bricked Beyond Repair
Richi Jennings | | ActionTec, Attacking Routers, cable modem, Chalubo, firmware, firmware attacks, firmware patch, firmware security, firmware update, flawed routers, Modem, Pumpkin Eclipse, router, router botnet, router compromise, router exploit, router hacking, router hijacking, router security, router vulnerabilities, router vulnerability, Sagemcom, SB Blogwatch, Windstream
Daft name, serious risk: Kit from ActionTec and Sagemcom remotely ruined and required replacement ...
Security Boulevard