Paul's Security WeeklySubscribe
Critical Infrastructure Security

Unsophisticated Methods – PSW #844

This week in the security news, Dr. Doug and Larry explore various technological advancements and their implications with a healthy dose of nostalgia, particularly focusing on health monitoring through Wi-Fi signals, the misconceptions surrounding 5G connectivity, the importance of understanding internet speed needs, and the cybersecurity threats facing water systems. They also discuss the potential chaos that could arise from infrastructure failures and the vulnerabilities present in automated tank gauges, emphasizing the need for better asset management and security measures.

Full episode and show notes

Hosts

Professor at Roger Williams University
  1. 1. Threat Actors Continue to Exploit OT/ICS through Unsophisticated Means
  2. 2. Kansas water plant cyberattack forces switch to manual operations
  3. 3. Critical Tank Gauge Bugs Threaten Gas Infrastructure
  4. 4. Car software patches are over 20% of recalls, study finds
  5. 5. ‘Honkai: Star Rail’ game executable hijacked to launch ransomware
  6. 6. CrowdStrike changes software update system after widespread outage
  7. 7. Cybersecurity Products Conking Out After macOS Sequoia Update
  8. 8. Kaspersky deletes itself, installs UltraAV antivirus without warning
  9. 9. 11 million devices infected with botnet malware hosted in Google Play
  10. 10. Kubuntu Focus Ir14 Gen 2 review: Using Linux instead of messing with it
  11. 11. Linux boots in 4.76 days on the Intel 4004
  12. 12. Secret calculator hack brings ChatGPT to the TI-84, enabling easy cheating
  13. 13. Your phone’s ‘5G’ icon and signal bars are lying to you
  14. 14. London Newspaper Plans to Revive Dead Art Critic With AI, Lays Off Real Writers
  15. 15. AI-Generated Malware Found in the Wild
  16. 16. Microsoft Deal Will Bring Nuclear Power Back to Three Mile Island
Product Security Research and Analysis Director at Finite State
  1. 1. Monostatic Multi-Target Wi-Fi-Based Breathing Rate Sensing Using Openwifi
  2. 2. Shielder – A Journey From `sudo iptables` To Local Privilege Escalation
  3. 3. Downtown Doug Brown » Fixing an Elgato HD60 S HDMI capture device with the help of Ghidra
  4. 4. Storm on the Horizon: Inside the AJCloud IoT Ecosystem — Elastic Security Labs
  5. 5. New PondRAT Malware Hidden in Python Packages Targets Software Developers
  6. 6. 4 exploits, 1 bug: exploiting CVE-2024-20017 4 different ways
  7. 7. Necro Trojan infects 11 million Android devices
  8. 8. Necro Trojan infiltrates Google Play and Spotify and WhatsApp mods
  9. 9. DWS Blog
  10. 10. Exclusive: Hacker uses Telegram chatbots to leak data of top Indian insurer Star Health
  11. 11. One-third of the US population’s background info is now public

Related

AI fixes everything, C++ the actual worst, IAM is hard – ASW #308

This week, in the Application Security News, we dismiss magical thinking and discuss what generative AI will actually be able to do for us. We also discuss whether Secure by Design's goals are practical or not. OSC&R releases a report on software supply chain that should be interesting, though neither of us had time to read it yet. Also, Wat...
How & Why ICIT Partnering with CRC is Moving Critical Infrastructure Security Forward – Cory Simpson – ISW24 #1

Join us live from the 30th anniversary of Infosec World 2024 in sunny Lake Buena Vista, Florida! In this special Cyber Risk TV interview, host Mandy Logan sits down with Cory Simpson, CEO of the Institute for Critical Infrastructure Technology (ICIT), to discuss their pivotal work in securing critical infrastructure and their exciting new partnersh...