The Security Ledger

1 month ago | securityledger.com | Paul F. Roberts

Enterprises spend billions of dollars annually on cybersecurity products to keep them from getting hacked. And yet, the hacks keep coming – and they’re getting worse. Why? A new report out from ReversingLabs* a malware analysis and software supply chain security firm, has an answer: because the open source and commercial software and services those enterprises run on are full of security issues that make them easy prey for malicious actors.

2 months ago | securityledger.com | Paul F. Roberts

Podcast: Play in new window | Download (Duration: 36:32 — 33.4MB) | EmbedSubscribe: Email | RSS In this episode of the podcast, host Paul Roberts welcomes Tanya Janca of She Hacks Purple back into the studio. Tanya talks about her newly released book: Alice and Bob Learn Secure Coding, published by Wiley and the larger problem of how to promote the teaching of secure coding practices to developers.

2 months ago | securityledger.com | Paul F. Roberts

Vulnerabilities in the STARLINK telematics software used in late model passenger vehicles made by Subaru enabled two, independent security researchers to gain unrestricted access to millions of Subaru vehicles deployed in the U.S., Canada and Japan.

Jan 15, 2025 | securityledger.com | Paul F. Roberts

Podcast: Play in new window | Download (Duration: 30:49 — 28.2MB) | EmbedSubscribe: Email | RSS In this Spotlight episode of The Security Ledger Podcast, Paul speaks with David Kellerman, the Field CTO at Cymulate, about the growing complexity of the cyber threat landscape -and IT security deployments. David and I delve into the growing demand for security validation technology, like Cymulate’s, that allows organizations to assess the utility and effectiveness of their security investments.

Sep 27, 2024 | securityledger.com | Paul F. Roberts

Researchers have disclosed a glaring remote access flaw in web-based applications used by KIA automotive dealers.