Free webinar will take a deep dive into automotive cybersecurity risks and trends Israel, Tel Aviv, August 2, 2022 – Cybellum, a leading provider of the Product Security Platform for vehicle, product, and device manufacturers, announced today the opening of registration for a free webinar that will preview the soon to be released State of […]
During a recent security audit of a device, I stumbled upon a known security vulnerability in the Linux kernel. Although CVE-2017-18017 has been out there for quite some time, I could not find a full description of the bug and mechanism where the bug resides, or POC code exploiting the vulnerability. In order to exploit […]
Enables security management of a complete vehicle or product system, through a unified assessment of all its underlying firmware, components and SBOMs Detroit, Michigan and Tel Aviv, June 15, 2022 – Cybellum, a leading provider of the Product Security Platform for vehicle, product, and device manufacturers announced today at the 9th escar USA Conference the release […]
How an eye-opening conversation with a medical device cybersecurity expert inspired us to start a podcast for product security teams Cybersecurity pros are in the midst of an ongoing struggle. You need to constantly be on the watch for new threats, every single day. You need to find and recruit some of the most […]
Open-source software libraries are the backbone of modern software development and a critical piece of the software supply chain. Engineers don’t need to recreate existing functionality; instead, development efforts can be accelerated using open-source software (OSS) libraries. These days, almost 98% of applications use open-source libraries. Using open-source libraries does bring unique risks. Beyond security […]
Will bring insights and best practices to medical device manufacturers and healthcare professionals for remediating and mitigating cyber-attacks and vulnerabilities
Originally published on HelpNet Security, February 16th, 2022
In 2020, the SolarWinds supply chain attack penetrated deep into the Federal government’s infrastructure and into some of the largest and most tech-savvy organizations. The compromise gave attackers unprecedented access to some of the best-protected data in the world. It highlighted that no matter how big or well funded an organization is, cyber-attacks can still […]
NUCLEUS:13 is the latest in a long line of TCP/IP stack vulnerabilities that includes NAME:WRECK, Ripple20 and many others. The vulnerabilities have been discovered in the Nucleus TCP/IP stack owned by Siemens, and used in billions of devices.
Enables manufacturers to quickly pinpoint threats and vulnerabilities and remediate them across the product lifecycle and supply chain from design to deployment