Other News

Cybersecurity.

Spotlight Podcast: At 15 Cybersecurity Awareness Month Grows with Cyber Risk

In this Spotlight Podcast, sponsored by RSA: October is Cybersecurity Awareness Month. But what does that mean in an era when concerns about cybersecurity permeate every facet of our personal and professional lives? Russ Schrader of the National Cybersecurity Alliance (NCSA) and Angel Grant of RSA join us to discuss the history of Cybersecurity Awareness Month and how the event is changing to meet growing demand. 

Did Bloomberg get its story on a supply chain attack on motherboard maker Super Micro right?

Podcast Episode 115: Joe Grand on Unicorn Spotting and Bloomberg’s Supply Chain Story

Podcast: Play in new window | Download (Duration: 35:36 — 40.7MB)Subscribe: Android | Email | Google Podcasts | RSSIn this week’s episode (#115), noted hardware enthusiast and hacker Joe Grand (aka “Kingpin”) told reporters from Bloomberg that finding an in-the-wild supply chain hack implanting malicious hardware on motherboards was akin to witnessing “a unicorn jumping over a rainbow.” They went with their story about just such an attack anyway. Joe joins us in the Security Ledger studios to talk about whether Bloomberg got it right. Also, Adam Meyers of Crowdstrike comes into the studio to talk about the U.S. Department of Justice indictment of seven Russian nationals. Adam talks about the hacks behind the charges and what comes next.

China's government appears to be suppressing information on serious, exploitable security vulnerabilities in software, a study by Recorded Future found.

Apple, Amazon Throw Shade on Supply Chain Hack Story

A report by Bloomberg alleging a massive operation by China’s Peoples Liberation Army (PLA) to plant spy hardware on servers used by some of the U.S.’s most high profile corporations is being refuted by tech vendors Apple as well as Amazon, who contend that no such compromises took place. The report written by Jordon Robinson and Michael Riley and released Thursday says that PLA agents implanted tiny surveillance chips on server motherboards manufactured by Super Micro Computer. The devices, no larger than a pencil tip, could give Chinese agents access to and control over critical hardware used by Apple Computer, Amazon and other large, U.S. firms, including financial services firms and intelligence agencies, the report says. [You might also want to read: Massive Facebook Breach Affects 90 Million Accounts] If true, the incident would be one of the most serious uses of a so-called “supply chain” hack, in which sophisticated adversaries […]