News

The Importance of Secure Flashing for Embedded Devices and Secure Implementation Practices

This is the third article in the series about embedded devices security, started with Strengthening the Security of Embedded Devices The second article was Secure Booting for Embedded Devices: Safeguarding Systems from Intrusions In this article, we will explore the importance of secure flashing for embedded devices and discuss best practices for implementing secure firmware updates. Secure flashing refers to the process of updating or replacing firmware on an embedded device in a secure and reliable manner. Firmware is the software code that runs directly on the hardware of the embedded device, controlling its functionality and behavior. Secure flashing ensures that firmware updates are performed in a way that minimizes the risk of unauthorized access, tampering, or corruption. Secure flashing involves implementing a set of security measures and practices to ensure the integrity, authenticity, and confidentiality of the firmware during the update process. These devices often rely on firmware updates to enhance functionality, address vulnerabilities, and ensure optimal performance. However, the process of flashing firmware onto embedded devices can introduce security risks if not handled properly.   Significance of Secure Flashing Vulnerability Mitigation Firmware updates often address security vulnerabilities discovered in embedded devices. Secure flashing ensures that these updates are…

Read More

Strengthening the Security of Embedded Devices

Embedded devices are specialized computing systems designed to perform specific tasks or functions within a larger system. Unlike general-purpose computers, embedded devices are typically integrated into other devices or systems and are dedicated to carrying out a specific set of functions. They are often characterized by their compact size, low power consumption, and optimized performance for their intended application. Embedded devices can be found in various domains and industries, including consumer electronics, automotive, healthcare, industrial automation, telecommunications, and IoT (Internet of Things). Examples of embedded devices include: Smartphones and tablets: These devices integrate multiple functionalities such as communication, multimedia, and internet access into a portable form factor. Home appliances: Devices like refrigerators, washing machines, and thermostats may contain embedded systems that control their operations and offer smart features. Industrial control systems: Embedded devices are widely used in manufacturing plants and industrial environments to monitor and control processes, machinery, and equipment. Automotive systems: Embedded devices are essential components in modern vehicles, managing functions such as engine control, entertainment systems, safety features, and navigation. Medical devices: Embedded systems are utilized in various medical equipment, such as patient monitoring devices, implantable devices, and diagnostic tools. IoT devices: These are interconnected devices that gather,…


Preventing Attacks and Securing the Supply Chain in the Security Software Industry

The security software industry plays a vital role in safeguarding sensitive data and protecting digital infrastructure. However, the industry itself faces a significant threat from supply chain attacks. Supply chain attacks occur when cybercriminals target vulnerabilities within the supply chain to compromise software or hardware products before they reach the end-users. By infiltrating the supply chain, attackers can inject malicious code, backdoors, or vulnerabilities, thereby compromising the security of the software. Such attacks can have far-reaching consequences, as they can compromise the confidentiality, integrity, and availability of critical systems and data. These attacks have the potential to undermine the integrity and trustworthiness of security software, leading to severe consequences for individuals, organizations, and even nations. This article examines the damaging impact of supply chain attacks on the security software industry, while also delving into preventive measures and strategies to secure the supply chain.   Impact: Loss of Trust: Supply chain attacks erode trust in security software products and the industry as a whole. When high-profile incidents occur, customers may lose confidence in the ability of software vendors to protect their assets and data. Financial Loss: The costs associated with supply chain attacks are staggering. Companies suffer significant financial losses due…


No Image

Targeted Phishing: Your auth password for [ user@host.com ] expires today !

It’s been a while since I received a targeted phishing. This time it is on one of my email accounts hosted on Google, and strangely, their phishing filter did not catch this one.     ITNotification <ITNotices@mail.com>  sorin@mustaca.com Expiration Your Password for sorin@mustaca.com has expired today. You can change your Password or continue using current Access   KEEP PASSWORD  ->erased domain on geocities.com   sorin@mustaca.com Admin. 2023 Admin – 2023


Takeovers in the IT-Security Industry

I just sow a post by AV-Comparatives called  “AV-Comparatives Explains the Implications of Takeovers in the IT-Security Industry” The entire article is very interesting and it is worth reading. And it is also objective and valid as well! Great job, AV-Comparatives! What made me write this post is the graphic at the end of the post (courtesy of AV-Comparatives):   I became immediately nostalgic  when I sow that it starts with 2003, the acquisition of GeCAD by Microsoft. I was there when this happened! For those who don’t know, I started my career in cybersecurity in 1999 at RAV Antivirus, produced until 2003 by GeCAD. I was in the industry when all these M&A happened and I was actually working with some of them when they were acquired. I am still working with some of them. 😉 Of course, the most interesting one was Avira being acquired twice in 12 months. I was no longer working as an employee of Avira, but I was working with Avira in 2020, when it was first acquired. I don’t know if these acquisitions are the only ones that happened in the AV industry, but this list it is for sure the most complete…


Cyber Monday – enjoy the discounts safe !

Today is Cyber Monday , a day when all webshops (and not only)  give big discounts to many products they sell. Even if the discount campaigns of some webshops are incredible and too good to let it go, you should think twice before giving the order: the discount is for a product that everybody wants and seems very hard to find. Think of PS5, latest XBOX, etc…. the discount is waaaaayyy too big to miss you haven’t seen that website/webshop before you haven’t bought from that webshop before you haven’t seen on the Internet any review about that webshop you are being requested to give your personal details, card or bank PIN number If you answered YES to at least one, then STOP right here, right NOW. As a rule of thumb If something is too good to be true, then probably it isn’t!   How can you recognize if a webshop is fake or fraud? Transform the 5 statements above in questions and ask yourself. Is the discount for a product that everybody wants and seems very hard to find? Why would any shop (online or offline) exactly the product that everybody wants at almost any price, reduce it…


BSI: Die Lage der IT-Sicherheit in Deutschland (German)

Quelle: https://www.bsi.bund.de/DE/Service-Navi/Publikationen/Lagebericht/lagebericht_node.html   Malwarelage: Das vergangene Jahr war geprägt von einer deutlichen Ausweitung cyber-krimineller Erpressungsmethoden. Nicht nur die Anzahl der Schadprogramm-Varianten stieg zeitweise rasant an – mit bis zu 553.000 neuen Varianten pro Tag der höchste jemals gemessene Wert (siehe Kapitel Neue Schadprogramm-Varianten, Seite 11). Auch die Qualität der Angriffe nahm weiterhin beträchtlich zu. https://multimedia.gsb.bund.de/BSI/Video/Lagebericht/2021/lagebericht-1-Schadprogramm-Varianten.mp4   Die Hauptbedrohungen: Cyber-Erpressungen entwickeln sich zur größten Bedrohung (Ransomware) https://multimedia.gsb.bund.de/BSI/Video/Lagebericht/2021/lagebericht-2-Ransomware.mp4   Schwachstellen https://multimedia.gsb.bund.de/BSI/Video/Lagebericht/2021/Lagebericht-3-MS-Exchange-Schwachstellen.mp4 Der Faktor „Mensch”     Mehr in dem PDF Dokument von BSI hier: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/Lageberichte/Lagebericht2021.pdf?__blob=publicationFile&v=3


Cyber Diplomacy – a course from UN Office for Disarmament Affairs

I just finished the online course “Cyber Diplomacy“, a course from the United Nations Office for Disarmament Affairs. For me it was interesting to find out how much from the real world has been already applied to the cybersecurity world. Unfortunately, by seeing this, I realized that actually nobody cares about these UN resolutions. For example, did you know that a country should not allow hackers to perform attacks on another country from within its territory? And how should this be controlled? We hear almost every week that Russia, China, Iran, North Korea, and many more are performing cyberattacks on “their enemies” (observe the quotes). If they are members of UN (click the links above to see details. Conclusion: The course is interesting, even if you don’t actually learn new concepts about cybersecurity. You do learn how serious cybersecurity is being taken by the UN. And this is good…



No Image

New Android app for IT Security News with push notifications

ITSecurityNews.info is my security news aggregator, which collects RSS feeds and publishes them in WordPress automatically. A long time ago I created an app using AppSpotr, but since then things have changed. So, I decided to write one myself. Of course, not from scratch, I took an open source project called fNotifier and changed it to my needs. The app remains running as a service and polls regularly (see screenshot below – Settings) for new feeds.   And after one rejection due to Policies, it was approved in the Play Store: https://play.google.com/store/apps/details?id=org.itsecuritynews   It is actually enough to visit the website on a mobile device and you will see immediately on the top of the page an offer to install the app.  


%d bloggers like this: