Joe is a senior reporter at SC Weekly, focused on policy issues. He previously covered cybersecurity for Axios, The Hill and the Christian Science Monitor’s short-lived Passcode website.
Evil PLC” is what the researchers believe is a novel attack scenerio: infecting whichever engineer communicates with a PLC with malicious code. As a proof of viability, Claroty published a set of 11 new vendor-specific vulnerabilities that would allow for the attack.
Researchers at Eclypsium presented three new vulnerabilities in SecureBoot certified bootloaders affecting multiple processors up and down the supply chain, including ARM and x86 processors
A recent change in Chinese laws put new burdens on researchers that could have disincentivized participation vulnerability discovery competitions, such as Pwn2Own.
SC Media caught up with the chief research officer at Finnish cybersecurity firm WithSecure to hear what risk might look like as rapid increases in computing power usher in an era of building "with no restrictions."
The Institute for Security and Technology's Ransomware Task Force (RTF) released a blueprint for small and mid-sized enterprises to face ransomware Thursday, aiming to promote hygiene in less mature network environments.
After acquiring RiskIQ last year, Microsoft announced RiskIQ's PassiveTotal ASM product will fuel Defender External Attack Surface Management (EASM) and its researchers will staff Defender Threat Intelligence.
Killnet is best known for DDoS attacks against a Connecticut airport, institutions in Lithuania and Norway and the official website of the U.S. Congress.