KB Kookmin Bank recognized the growing product security challenge in providing modern services based on increasingly complex software. More suppliers. More open source. More weak points. Understanding the trust of their customers was paramount. The bank was ready to rethink the tools they were using in order to better understand their product security posture and […]
As vehicles have come to rely heavily on software and an increasingly complex software supply chain, the cyber threat landscape continues to evolve, and security and safety standards are more critical than ever. Industry-wide recognition of automotive cybersecurity risks has pushed regulators and industry leaders to double-down on regulation. The recent adoption of UNECE WP.29 […]
Christopher Gates, Leading Medical Device Security Expert, Joins Cybellum’s Industry Advisory Board Author of the Groundbreaking Book: Medical Device Cybersecurity for Engineers and Manufacturers Is One of the Foremost Authorities in this Industry Tel Aviv, Israel, March 14, 2023 – Cybellum, developers of the Product Security Platform for connected products, announced today that Christopher […]
The below piece is based on the resource: How FDA and the Omnibus Bill Will Reshape Pre & Post Market Product Security ——- The December 2022 Omnibus bill, a large spending bill passed by the US government, continues the Biden administration’s rhetoric of securing America’s infrastructure. Buried within this bill are new powers granted to […]
This article is based on Adam Shostack’s interview on the Left to Our Own Devices podcast. Adam Shostack, is a threat modeling expert, pioneer of the CVE standards, author of “What Every Engineer Should Learn From Star Wars,” advisor, game designer, and lecturer. When Adam realized his work affects people’s lives and data and […]
What will your team do if a software component or a supplier’s entire software suite becomes untrustworthy overnight? Do you have a backup plan in place? It’s a scenario that every OEM fears, but many will confront– with most admitting they have no idea what they would do. That’s because current threat intelligence, CVEs, and […]
The Product Security community has had a rough go of it lately. Ransomware attacks, New regulation, Greater internal liabilities, Oh, and no cross-industry processes to better manage the long tail suppliers. Remember years ago how the local news team would forecast a sunny day, just for it to rain? But, with the advancements in connecting […]
This partnership provides automotive industry domain-specific cybersecurity expertise and solutions for enhanced safety and regulatory compliance Tel Aviv, Israel, February 3, 2023 – Cybellum, provider of the Product Security Platform for connected products, has partnered with First International Computer (FIC) to expand its APAC business, providing the automotive industry with domain-specific cybersecurity expertise and solutions […]
Vulnerability overview: The potential impact on OEMs A new denial of service vulnerability, recently reported by Qualcomm, is having a direct impact on automotive products. The vulnerability has not yet been detailed on either the official NVD or MITRE web pages. The vulnerability (CVE-2022-33216) which affects several Qualcomm components and products, was defined as “a […]
