THE SECURITY LEDGER WITH PAUL F. ROBERTS The recent SolarWinds attack highlights an Achilles heel for enterprises: software updates for critical enterprise applications. Digital signing of code is one solution, but organizations need to modernize their code signing processes to prioritize security and integrity and align with DevOps best practices, writes Brian Trzupek the Senior Vice President of Products at DigiCert in this thought EPISODE 216: SIGNED, SEALED AND DELIVERED: THE FUTURE OF In this episode of the podcast (#216), sponsored by Digicert, we talk with Brian Trzupek, Digicert’s Vice President of Product, about the growing urgency of securing software supply chains, and how digital code signing can help prevent compromises like the recent hack of the

firm SolarWinds. We

DEERE JOHN: RESEARCHER WARNS AG GIANT’S SITE PROVIDES A Software vulnerabilities in web sites operated by John Deere could allow a remote attacker to harvest information on the company’s customers including their names, physical addresses and the equipment they own. The revelation suggests the U.S. agriculture sector is woefully unprepared for disruptive cyber attacks, experts warn. EPISODE 215-1: JEREMY O’SULLIVAN OF KYTCH ON THE TECH TV Maker TCL Denies Back Door, Promises Better Process. Despite the company’s sterling reputation and dominant position in the marketplace, O’Sullivan found that the Taylor equipment was notoriously unreliable – to the point of becoming an Internet meme. EPISODE 214: DARKSIDE DOWN: WHAT THE COLONIAL ATTACK MEANS It was just a week ago, May 7th, 2021, that a successful cyberattack against one of the largest U.S. oil and gas pipelines, operated by the Colonial Pipeline Company, forced it to shut down and plunged the U.S. government into an unanticipated crisis.Within days, there were reports of consumers panic-buying petrol leading to gas shortages in the southeastern United States. THE SOC HOP NEEDS TO BE A RELIC OF THE PAST Author: Steve Garrison Steve Garrison Steve Garrison leads go-to-market and brand development strategies at Stellar Cyber and is a networking systems veteran with nearly 20 years of technology marketing experience. Steve has held global marketing positions at public and venture-backed companies, including ZeroStack (acquired by Lenovo), Infoblox, Force10 Networks (acquired by Dell, CAN BLOCKCHAIN SOLVE DATA’S INTEGRITY PROBLEM? The rapid digitalization and automation of business processes makes data integrity critical, as low-quality data risks infecting automated business decision process. Authors Dan Geer and T. Mark Morley suggest that blockchain may offer one solution to the data integrity problem. STUDY FINDS CHINESE HARDWARE POWERS U.S. VOTING MACHINE December 16, 2019 12:37 by Paul Roberts. A new study by the firm Interos found that many hardware components in a popular touchscreen voting machine used in the U.S. originate in China or Russia. Efforts by the federal government and campaigns to keep state sponsored hackers from Russia and China out of U.S. elections may have

overlooked a one

RESEARCHERS WARN OF PHYSICS-BASED ATTACKS ON SENSORS Researchers Warn of Physics-Based Attacks on Sensors. Billions of sensors that are already deployed lack protections against attacks that manipulate the physical properties of devices to cause sensors and embedded devices to malfunction, researchers working in the U.S. and China have warned. In an article in Communications of the ACM FBI'S ADVICE ON RANSOMWARE? JUST PAY THE RANSOM. FBI Boston’s Joseph Bonavolonta said that paying the ransom is often the easiest path out of ransomware infections. In-brief: The nation’s top law enforcement agency is warning companies that they may not be able to get their data back from cyber criminals who use Cryptolocker, Cryptowall and other malware without paying a ransom. THE SECURITY LEDGER WITH PAUL F. ROBERTS The recent SolarWinds attack highlights an Achilles heel for enterprises: software updates for critical enterprise applications. Digital signing of code is one solution, but organizations need to modernize their code signing processes to prioritize security and integrity and align with DevOps best practices, writes Brian Trzupek the Senior Vice President of Products at DigiCert in this thought EPISODE 216: SIGNED, SEALED AND DELIVERED: THE FUTURE OF In this episode of the podcast (#216), sponsored by Digicert, we talk with Brian Trzupek, Digicert’s Vice President of Product, about the growing urgency of securing software supply chains, and how digital code signing can help prevent compromises like the recent hack of the

firm SolarWinds. We

DEERE JOHN: RESEARCHER WARNS AG GIANT’S SITE PROVIDES A Software vulnerabilities in web sites operated by John Deere could allow a remote attacker to harvest information on the company’s customers including their names, physical addresses and the equipment they own. The revelation suggests the U.S. agriculture sector is woefully unprepared for disruptive cyber attacks, experts warn. EPISODE 215-1: JEREMY O’SULLIVAN OF KYTCH ON THE TECH TV Maker TCL Denies Back Door, Promises Better Process. Despite the company’s sterling reputation and dominant position in the marketplace, O’Sullivan found that the Taylor equipment was notoriously unreliable – to the point of becoming an Internet meme. EPISODE 214: DARKSIDE DOWN: WHAT THE COLONIAL ATTACK MEANS It was just a week ago, May 7th, 2021, that a successful cyberattack against one of the largest U.S. oil and gas pipelines, operated by the Colonial Pipeline Company, forced it to shut down and plunged the U.S. government into an unanticipated crisis.Within days, there were reports of consumers panic-buying petrol leading to gas shortages in the southeastern United States. THE SOC HOP NEEDS TO BE A RELIC OF THE PAST Author: Steve Garrison Steve Garrison Steve Garrison leads go-to-market and brand development strategies at Stellar Cyber and is a networking systems veteran with nearly 20 years of technology marketing experience. Steve has held global marketing positions at public and venture-backed companies, including ZeroStack (acquired by Lenovo), Infoblox, Force10 Networks (acquired by Dell, CAN BLOCKCHAIN SOLVE DATA’S INTEGRITY PROBLEM? The rapid digitalization and automation of business processes makes data integrity critical, as low-quality data risks infecting automated business decision process. Authors Dan Geer and T. Mark Morley suggest that blockchain may offer one solution to the data integrity problem. STUDY FINDS CHINESE HARDWARE POWERS U.S. VOTING MACHINE December 16, 2019 12:37 by Paul Roberts. A new study by the firm Interos found that many hardware components in a popular touchscreen voting machine used in the U.S. originate in China or Russia. Efforts by the federal government and campaigns to keep state sponsored hackers from Russia and China out of U.S. elections may have

overlooked a one

RESEARCHERS WARN OF PHYSICS-BASED ATTACKS ON SENSORS Researchers Warn of Physics-Based Attacks on Sensors. Billions of sensors that are already deployed lack protections against attacks that manipulate the physical properties of devices to cause sensors and embedded devices to malfunction, researchers working in the U.S. and China have warned. In an article in Communications of the ACM FBI'S ADVICE ON RANSOMWARE? JUST PAY THE RANSOM. FBI Boston’s Joseph Bonavolonta said that paying the ransom is often the easiest path out of ransomware infections. In-brief: The nation’s top law enforcement agency is warning companies that they may not be able to get their data back from cyber criminals who use Cryptolocker, Cryptowall and other malware without paying a ransom. FINGERPRINT BINARY MICROCHIP Author: Paul Roberts I'm an experienced writer, reporter and industry analyst with a decade of experience covering IT security, cyber security and hacking, and a fascination with the fast-emerging "Internet of Things."Paul Roberts I'm an experienced writer, reporter and industry analyst with a decade of experience covering IT security,

cyber

WHAT SOLARWINDS TELLS US ABOUT SECURING THE SOFTWARE The recent SolarWinds attack highlights an Achilles heel for enterprises: software updates for critical enterprise applications. Digital signing of code is one solution, but organizations need to modernize their code signing processes to prioritize security and integrity and align with DevOps best practices, writes Brian Trzupek the Senior Vice President of Products at DigiCert in this thought HOW NIST IS SECURING THE QUANTUM ERA Quantum computers powerful enough to break the strongest classical encryption are at least a decade away, but the time to develop quantum safe encryption is now. In this opinion piece, Thomas Pöppelmann, a Senior Staff Engineer, Security Architecture and Cryptography Research at Infineon Technologies talks about the steps NIST and companies like Infineon are taking to make that SPOTLIGHT PODCAST: SECURITY AUTOMATION IS (AND ISN'T) THE In this Spotlight Podcast, we speak with David Brumley, the Chief Executive Officer at the security firm ForAllSecure and an expert on the use of machine learning and automation to cyber security problems. We talk about the growing demand for security automation tools and how the chronic cyber security talent shortage in North America and elsewhere is driving investment in automation. SECURITY HOLES OPENED BACK DOOR TO TCL ANDROID SMART TVS The researchers, John Jackson, an application security engineer for Shutter Stock, and the independent researcher known by the handle “Sick Codes,” said the flaws amount to a “back door” on any TCL Android smart television.“Anybody on an adjacent network can browse the TV’s file system and download any file they want,” said Sick Codes in an interview via the Signal platform. WANT TO PREVENT ANOTHER SOLARWINDS? START WITH DEVELOPERS It already seems like a lifetime ago that the hack of the Orion network management software by SolarWinds consumed the attention of the media, lawmakers and the for-profit information security industry. In reality, it was barely six months ago that the intrusion first came to light. In the space of UPDATE: TWO YEARS AFTER DISCOVERY DANGEROUS SECURITY HOLE Security researchers are again warning of a serious vulnerability in a GPS service by the China-based firm ThinkRace exposes sensitive data in scores of GPS services, more than two years after the hole was discovered and reported to the firm. EXPLAINED: TWO-FACTOR VS. MULTI-FACTOR AUTHENTICATION Two-factor solutions also don’t adapt to a wide range of use cases and scenarios. The authentication factors required have nothing to do with a user’s risk profile or login scenarios. Also: the same two factors are required with every login, meaning the same level of security is applied to all users regardless of risk and contextual

factors.

ESTONIA 10 YEARS LATER: LESSONS LEARNED FROM THE WORLD'S Estonia 10 Years Later: Lessons learned from the World’s First Internet War. April 28, 2017 15:52 by Gadi Evron. In-brief: Gadi Evron recalls the denial of service attacks aimed at the government of Estonia in 2007 – one of the first recognized acts of ‘cyber war’ and a template for incidents that followed. Evron says there

were many

FBI'S ADVICE ON RANSOMWARE? JUST PAY THE RANSOM. FBI Boston’s Joseph Bonavolonta said that paying the ransom is often the easiest path out of ransomware infections. In-brief: The nation’s top law enforcement agency is warning companies that they may not be able to get their data back from cyber criminals who use Cryptolocker, Cryptowall and other malware without paying a ransom. THE SECURITY LEDGER WITH PAUL F. ROBERTS May 13, 2021 Paul Roberts. An expensive, months-long legal tussle between a UK engineer and a healthcare non-profit is spurring calls for reform to the country’s 30 year-old Computer Misuse Act, which Dyke and others contend criminalizes the work of ‘Good Samaritan’ security researchers acting in the public interest. Share this: DEERE JOHN: RESEARCHER WARNS AG GIANT’S SITE PROVIDES A Software vulnerabilities in web sites operated by John Deere could allow a remote attacker to harvest information on the company’s customers including their names, physical addresses and the equipment they own. The revelation suggests the U.S. agriculture sector is woefully unprepared for disruptive cyber attacks, experts warn. EPISODE 214: DARKSIDE DOWN: WHAT THE COLONIAL ATTACK MEANS It was just a week ago, May 7th, 2021, that a successful cyberattack against one of the largest U.S. oil and gas pipelines, operated by the Colonial Pipeline Company, forced it to shut down and plunged the U.S. government into an unanticipated crisis.Within days, there were reports of consumers panic-buying petrol leading to gas shortages in the southeastern United States. REPORT: CRITICAL INFRASTRUCTURE CYBER ATTACKS A GLOBAL Report: Critical Infrastructure Cyber Attacks A Global Crisis. The systems we rely on to keep the lights on, heat our homes, make our medicines and move our goods are increasingly connecting to the Internet, and increasingly vulnerable to devastating CAN BLOCKCHAIN SOLVE DATA’S INTEGRITY PROBLEM? The rapid digitalization and automation of business processes makes data integrity critical, as low-quality data risks infecting automated business decision process. Authors Dan Geer and T. Mark Morley suggest that blockchain may offer one solution to the data integrity problem. SPOTLIGHT PODCAST: DR. ZULFIKAR RAMZAN ON RSA'S NEXT ACT Thirty eight years after it was founded, RSA Security is embarking on what may be its most challenging journey yet: cybersecurity startup. In this Spotlight Podcast, sponsored by RSA, we’re joined by Chief Digital Officer Dr. Zulfikar Ramzan about the company’s path forward as an independent company. | The company DAN GEER KEYNOTE: SECURITY OF THINGS FORUM The following is a transcript of a speech given by Dr. Dan Geer at the Security of Things Forum on May 7, 2014. The Forum was held at The Sheraton Commander in Cambridge, Massachusetts. The official copy of Dr. Geer’s speech lives on his web site, and can be found here. .Security of Things .Dan Geer, 7 May 14, Cambridge Thank you for your invitation and to the other speakers for their ESTONIA 10 YEARS LATER: LESSONS LEARNED FROM THE WORLD'S Estonia 10 Years Later: Lessons learned from the World’s First Internet War. April 28, 2017 15:52 by Gadi Evron. In-brief: Gadi Evron recalls the denial of service attacks aimed at the government of Estonia in 2007 – one of the first recognized acts of ‘cyber war’ and a template for incidents that followed. Evron says there

were many

DHS WARNS THAT DRONES MADE IN CHINA COULD STEAL U.S. DATA This is not the first time DJI aroused the suspicions of the U.S. government for its close ties to the Chinese state. Drones manufactured by the company already were banned by the U.S. Army in 2017, due to concerns that DJI shares critical infrastructure and law-enforcement data with the Chinese government.Among the other allegations DHS has made in the past are that DJI data is being used

to

GOVERNMENT, PRIVATE SECTOR UNPREPARED FOR 21ST CENTURY Government, Private Sector Unprepared for 21st Century Cyber Warfare. U.S. government agencies and businesses are largely unprepared for a major cyber attack from state-sponsored actors, and must prepare now, according to a report by key governmental-focused think tanks. The Foundation for Defense of Democracies and The Chertoff Group published THE SECURITY LEDGER WITH PAUL F. ROBERTS May 13, 2021 Paul Roberts. An expensive, months-long legal tussle between a UK engineer and a healthcare non-profit is spurring calls for reform to the country’s 30 year-old Computer Misuse Act, which Dyke and others contend criminalizes the work of ‘Good Samaritan’ security researchers acting in the public interest. Share this: DEERE JOHN: RESEARCHER WARNS AG GIANT’S SITE PROVIDES A Software vulnerabilities in web sites operated by John Deere could allow a remote attacker to harvest information on the company’s customers including their names, physical addresses and the equipment they own. The revelation suggests the U.S. agriculture sector is woefully unprepared for disruptive cyber attacks, experts warn. EPISODE 214: DARKSIDE DOWN: WHAT THE COLONIAL ATTACK MEANS It was just a week ago, May 7th, 2021, that a successful cyberattack against one of the largest U.S. oil and gas pipelines, operated by the Colonial Pipeline Company, forced it to shut down and plunged the U.S. government into an unanticipated crisis.Within days, there were reports of consumers panic-buying petrol leading to gas shortages in the southeastern United States. REPORT: CRITICAL INFRASTRUCTURE CYBER ATTACKS A GLOBAL Report: Critical Infrastructure Cyber Attacks A Global Crisis. The systems we rely on to keep the lights on, heat our homes, make our medicines and move our goods are increasingly connecting to the Internet, and increasingly vulnerable to devastating CAN BLOCKCHAIN SOLVE DATA’S INTEGRITY PROBLEM? The rapid digitalization and automation of business processes makes data integrity critical, as low-quality data risks infecting automated business decision process. Authors Dan Geer and T. Mark Morley suggest that blockchain may offer one solution to the data integrity problem. SPOTLIGHT PODCAST: DR. ZULFIKAR RAMZAN ON RSA'S NEXT ACT Thirty eight years after it was founded, RSA Security is embarking on what may be its most challenging journey yet: cybersecurity startup. In this Spotlight Podcast, sponsored by RSA, we’re joined by Chief Digital Officer Dr. Zulfikar Ramzan about the company’s path forward as an independent company. | The company DAN GEER KEYNOTE: SECURITY OF THINGS FORUM The following is a transcript of a speech given by Dr. Dan Geer at the Security of Things Forum on May 7, 2014. The Forum was held at The Sheraton Commander in Cambridge, Massachusetts. The official copy of Dr. Geer’s speech lives on his web site, and can be found here. .Security of Things .Dan Geer, 7 May 14, Cambridge Thank you for your invitation and to the other speakers for their ESTONIA 10 YEARS LATER: LESSONS LEARNED FROM THE WORLD'S Estonia 10 Years Later: Lessons learned from the World’s First Internet War. April 28, 2017 15:52 by Gadi Evron. In-brief: Gadi Evron recalls the denial of service attacks aimed at the government of Estonia in 2007 – one of the first recognized acts of ‘cyber war’ and a template for incidents that followed. Evron says there

were many

DHS WARNS THAT DRONES MADE IN CHINA COULD STEAL U.S. DATA This is not the first time DJI aroused the suspicions of the U.S. government for its close ties to the Chinese state. Drones manufactured by the company already were banned by the U.S. Army in 2017, due to concerns that DJI shares critical infrastructure and law-enforcement data with the Chinese government.Among the other allegations DHS has made in the past are that DJI data is being used

to

GOVERNMENT, PRIVATE SECTOR UNPREPARED FOR 21ST CENTURY Government, Private Sector Unprepared for 21st Century Cyber Warfare. U.S. government agencies and businesses are largely unprepared for a major cyber attack from state-sponsored actors, and must prepare now, according to a report by key governmental-focused think tanks. The Foundation for Defense of Democracies and The Chertoff Group published THE SECURITY LEDGER WITH PAUL F. ROBERTS Cyber Security News, Analysis and Opinion. In this Security Ledger Spotlight Video, we speak with Sudhakar Ramakrishna, the CEO of the firm Pulse Secure on that company's journey from Juniper Networks' remote access business unit to a thriving, independent company selling secure access technology to firms with on premises, cloud and mobile

deployments.

WHAT SOLARWINDS TELLS US ABOUT SECURING THE SOFTWARE The recent SolarWinds attack highlights an Achilles heel for enterprises: software updates for critical enterprise applications. Digital signing of code is one solution, but organizations need to modernize their code signing processes to prioritize security and integrity and align with DevOps best practices, writes Brian Trzupek the Senior Vice President of Products at DigiCert in this thought CODE SIGNING ARCHIVES The recent SolarWinds attack highlights an Achilles heel for enterprises: software updates for critical enterprise applications. Digital signing of code is one solution, but organizations need to modernize their code signing processes to prioritize security and integrity and align with DevOps best practices, writes Brian Trzupek the Senior Vice President of Products at DigiCert in this thought

THREATS ARCHIVES

News about the so-called VOHO “watering hole” attacks have faded from the headlines, but the hard work for hundreds of organizations who were victims of the attacks has just begun. EPISODE 215-1: JEREMY O’SULLIVAN OF KYTCH ON THE TECH TV Maker TCL Denies Back Door, Promises Better Process. Despite the company’s sterling reputation and dominant position in the marketplace, O’Sullivan found that the Taylor equipment was notoriously unreliable – to the point of becoming an Internet meme. HOW NIST IS SECURING THE QUANTUM ERA Quantum computers powerful enough to break the strongest classical encryption are at least a decade away, but the time to develop quantum safe encryption is now. In this opinion piece, Thomas Pöppelmann, a Senior Staff Engineer, Security Architecture and Cryptography Research at Infineon Technologies talks about the steps NIST and companies like Infineon are taking to make that SECURITY HOLES OPENED BACK DOOR TO TCL ANDROID SMART TVS The researchers, John Jackson, an application security engineer for Shutter Stock, and the independent researcher known by the handle “Sick Codes,” said the flaws amount to a “back door” on any TCL Android smart television.“Anybody on an adjacent network can browse the TV’s file system and download any file they want,” said Sick Codes in an interview via the Signal platform. WITH REMOTE WORK: MFA MAKES EVERYONE HAPPY With Remote Work: MFA Makes Everyone Happy. The sudden shift to remote work poses two challenges to organizations: fending off cyber attacks and keeping your remote workers productive, according to LogMeIn’s Rachael Stockton in this opinion * STAFFORD, UNITED KINGDOM SolarWinds Hacked image. Stafford, United Kingdom – December 24 2020: Solarwinds logo seen on the smartphone screen, with simple brute

force

EXPLAINED: TWO-FACTOR VS. MULTI-FACTOR AUTHENTICATION Everyone knows that passwords alone aren’t enough. Weak, reused or old passwords cause 80 percent of data breaches. From phishing to ransomware, zero-day vulnerabilities, to man-in-the-middle attacks, to key-logging and password cracking, cyberattacks leverage faster tools and exploit known weaknesses to get around even the strongest of

passwords.

THE SECURITY LEDGER WITH PAUL F. ROBERTS May 13, 2021 Paul Roberts. An expensive, months-long legal tussle between a UK engineer and a healthcare non-profit is spurring calls for reform to the country’s 30 year-old Computer Misuse Act, which Dyke and others contend criminalizes the work of ‘Good Samaritan’ security researchers acting in the public interest. Share this: DEERE JOHN: RESEARCHER WARNS AG GIANT’S SITE PROVIDES A Software vulnerabilities in web sites operated by John Deere could allow a remote attacker to harvest information on the company’s customers including their names, physical addresses and the equipment they own. The revelation suggests the U.S. agriculture sector is woefully unprepared for disruptive cyber attacks, experts warn. EPISODE 214: DARKSIDE DOWN: WHAT THE COLONIAL ATTACK MEANS It was just a week ago, May 7th, 2021, that a successful cyberattack against one of the largest U.S. oil and gas pipelines, operated by the Colonial Pipeline Company, forced it to shut down and plunged the U.S. government into an unanticipated crisis.Within days, there were reports of consumers panic-buying petrol leading to gas shortages in the southeastern United States. REPORT: CRITICAL INFRASTRUCTURE CYBER ATTACKS A GLOBAL Report: Critical Infrastructure Cyber Attacks A Global Crisis. The systems we rely on to keep the lights on, heat our homes, make our medicines and move our goods are increasingly connecting to the Internet, and increasingly vulnerable to devastating CAN BLOCKCHAIN SOLVE DATA’S INTEGRITY PROBLEM? The rapid digitalization and automation of business processes makes data integrity critical, as low-quality data risks infecting automated business decision process. Authors Dan Geer and T. Mark Morley suggest that blockchain may offer one solution to the data integrity problem. SPOTLIGHT PODCAST: DR. ZULFIKAR RAMZAN ON RSA'S NEXT ACT Thirty eight years after it was founded, RSA Security is embarking on what may be its most challenging journey yet: cybersecurity startup. In this Spotlight Podcast, sponsored by RSA, we’re joined by Chief Digital Officer Dr. Zulfikar Ramzan about the company’s path forward as an independent company. | The company DAN GEER KEYNOTE: SECURITY OF THINGS FORUM The following is a transcript of a speech given by Dr. Dan Geer at the Security of Things Forum on May 7, 2014. The Forum was held at The Sheraton Commander in Cambridge, Massachusetts. The official copy of Dr. Geer’s speech lives on his web site, and can be found here. .Security of Things .Dan Geer, 7 May 14, Cambridge Thank you for your invitation and to the other speakers for their ESTONIA 10 YEARS LATER: LESSONS LEARNED FROM THE WORLD'S Estonia 10 Years Later: Lessons learned from the World’s First Internet War. April 28, 2017 15:52 by Gadi Evron. In-brief: Gadi Evron recalls the denial of service attacks aimed at the government of Estonia in 2007 – one of the first recognized acts of ‘cyber war’ and a template for incidents that followed. Evron says there

were many

DHS WARNS THAT DRONES MADE IN CHINA COULD STEAL U.S. DATA This is not the first time DJI aroused the suspicions of the U.S. government for its close ties to the Chinese state. Drones manufactured by the company already were banned by the U.S. Army in 2017, due to concerns that DJI shares critical infrastructure and law-enforcement data with the Chinese government.Among the other allegations DHS has made in the past are that DJI data is being used

to

GOVERNMENT, PRIVATE SECTOR UNPREPARED FOR 21ST CENTURY Government, Private Sector Unprepared for 21st Century Cyber Warfare. U.S. government agencies and businesses are largely unprepared for a major cyber attack from state-sponsored actors, and must prepare now, according to a report by key governmental-focused think tanks. The Foundation for Defense of Democracies and The Chertoff Group published THE SECURITY LEDGER WITH PAUL F. ROBERTS May 13, 2021 Paul Roberts. An expensive, months-long legal tussle between a UK engineer and a healthcare non-profit is spurring calls for reform to the country’s 30 year-old Computer Misuse Act, which Dyke and others contend criminalizes the work of ‘Good Samaritan’ security researchers acting in the public interest. Share this: DEERE JOHN: RESEARCHER WARNS AG GIANT’S SITE PROVIDES A Software vulnerabilities in web sites operated by John Deere could allow a remote attacker to harvest information on the company’s customers including their names, physical addresses and the equipment they own. The revelation suggests the U.S. agriculture sector is woefully unprepared for disruptive cyber attacks, experts warn. EPISODE 214: DARKSIDE DOWN: WHAT THE COLONIAL ATTACK MEANS It was just a week ago, May 7th, 2021, that a successful cyberattack against one of the largest U.S. oil and gas pipelines, operated by the Colonial Pipeline Company, forced it to shut down and plunged the U.S. government into an unanticipated crisis.Within days, there were reports of consumers panic-buying petrol leading to gas shortages in the southeastern United States. REPORT: CRITICAL INFRASTRUCTURE CYBER ATTACKS A GLOBAL Report: Critical Infrastructure Cyber Attacks A Global Crisis. The systems we rely on to keep the lights on, heat our homes, make our medicines and move our goods are increasingly connecting to the Internet, and increasingly vulnerable to devastating CAN BLOCKCHAIN SOLVE DATA’S INTEGRITY PROBLEM? The rapid digitalization and automation of business processes makes data integrity critical, as low-quality data risks infecting automated business decision process. Authors Dan Geer and T. Mark Morley suggest that blockchain may offer one solution to the data integrity problem. SPOTLIGHT PODCAST: DR. ZULFIKAR RAMZAN ON RSA'S NEXT ACT Thirty eight years after it was founded, RSA Security is embarking on what may be its most challenging journey yet: cybersecurity startup. In this Spotlight Podcast, sponsored by RSA, we’re joined by Chief Digital Officer Dr. Zulfikar Ramzan about the company’s path forward as an independent company. | The company DAN GEER KEYNOTE: SECURITY OF THINGS FORUM The following is a transcript of a speech given by Dr. Dan Geer at the Security of Things Forum on May 7, 2014. The Forum was held at The Sheraton Commander in Cambridge, Massachusetts. The official copy of Dr. Geer’s speech lives on his web site, and can be found here. .Security of Things .Dan Geer, 7 May 14, Cambridge Thank you for your invitation and to the other speakers for their ESTONIA 10 YEARS LATER: LESSONS LEARNED FROM THE WORLD'S Estonia 10 Years Later: Lessons learned from the World’s First Internet War. April 28, 2017 15:52 by Gadi Evron. In-brief: Gadi Evron recalls the denial of service attacks aimed at the government of Estonia in 2007 – one of the first recognized acts of ‘cyber war’ and a template for incidents that followed. Evron says there

were many

DHS WARNS THAT DRONES MADE IN CHINA COULD STEAL U.S. DATA This is not the first time DJI aroused the suspicions of the U.S. government for its close ties to the Chinese state. Drones manufactured by the company already were banned by the U.S. Army in 2017, due to concerns that DJI shares critical infrastructure and law-enforcement data with the Chinese government.Among the other allegations DHS has made in the past are that DJI data is being used

to

GOVERNMENT, PRIVATE SECTOR UNPREPARED FOR 21ST CENTURY Government, Private Sector Unprepared for 21st Century Cyber Warfare. U.S. government agencies and businesses are largely unprepared for a major cyber attack from state-sponsored actors, and must prepare now, according to a report by key governmental-focused think tanks. The Foundation for Defense of Democracies and The Chertoff Group published THE SECURITY LEDGER WITH PAUL F. ROBERTS Cyber Security News, Analysis and Opinion. In this Security Ledger Spotlight Video, we speak with Sudhakar Ramakrishna, the CEO of the firm Pulse Secure on that company's journey from Juniper Networks' remote access business unit to a thriving, independent company selling secure access technology to firms with on premises, cloud and mobile

deployments.

WHAT SOLARWINDS TELLS US ABOUT SECURING THE SOFTWARE The recent SolarWinds attack highlights an Achilles heel for enterprises: software updates for critical enterprise applications. Digital signing of code is one solution, but organizations need to modernize their code signing processes to prioritize security and integrity and align with DevOps best practices, writes Brian Trzupek the Senior Vice President of Products at DigiCert in this thought CODE SIGNING ARCHIVES The recent SolarWinds attack highlights an Achilles heel for enterprises: software updates for critical enterprise applications. Digital signing of code is one solution, but organizations need to modernize their code signing processes to prioritize security and integrity and align with DevOps best practices, writes Brian Trzupek the Senior Vice President of Products at DigiCert in this thought

THREATS ARCHIVES

News about the so-called VOHO “watering hole” attacks have faded from the headlines, but the hard work for hundreds of organizations who were victims of the attacks has just begun. EPISODE 215-1: JEREMY O’SULLIVAN OF KYTCH ON THE TECH TV Maker TCL Denies Back Door, Promises Better Process. Despite the company’s sterling reputation and dominant position in the marketplace, O’Sullivan found that the Taylor equipment was notoriously unreliable – to the point of becoming an Internet meme. HOW NIST IS SECURING THE QUANTUM ERA Quantum computers powerful enough to break the strongest classical encryption are at least a decade away, but the time to develop quantum safe encryption is now. In this opinion piece, Thomas Pöppelmann, a Senior Staff Engineer, Security Architecture and Cryptography Research at Infineon Technologies talks about the steps NIST and companies like Infineon are taking to make that SECURITY HOLES OPENED BACK DOOR TO TCL ANDROID SMART TVS The researchers, John Jackson, an application security engineer for Shutter Stock, and the independent researcher known by the handle “Sick Codes,” said the flaws amount to a “back door” on any TCL Android smart television.“Anybody on an adjacent network can browse the TV’s file system and download any file they want,” said Sick Codes in an interview via the Signal platform. WITH REMOTE WORK: MFA MAKES EVERYONE HAPPY With Remote Work: MFA Makes Everyone Happy. The sudden shift to remote work poses two challenges to organizations: fending off cyber attacks and keeping your remote workers productive, according to LogMeIn’s Rachael Stockton in this opinion * STAFFORD, UNITED KINGDOM SolarWinds Hacked image. Stafford, United Kingdom – December 24 2020: Solarwinds logo seen on the smartphone screen, with simple brute

force

EXPLAINED: TWO-FACTOR VS. MULTI-FACTOR AUTHENTICATION Everyone knows that passwords alone aren’t enough. Weak, reused or old passwords cause 80 percent of data breaches. From phishing to ransomware, zero-day vulnerabilities, to man-in-the-middle attacks, to key-logging and password cracking, cyberattacks leverage faster tools and exploit known weaknesses to get around even the strongest of

passwords.

THE SECURITY LEDGER WITH PAUL F. ROBERTS May 13, 2021 Paul Roberts. An expensive, months-long legal tussle between a UK engineer and a healthcare non-profit is spurring calls for reform to the country’s 30 year-old Computer Misuse Act, which Dyke and others contend criminalizes the work of ‘Good Samaritan’ security researchers acting in the public interest. Share this: CAN BLOCKCHAIN SOLVE DATA’S INTEGRITY PROBLEM? The rapid digitalization and automation of business processes makes data integrity critical, as low-quality data risks infecting automated business decision process. Authors Dan Geer and T. Mark Morley suggest that blockchain may offer one solution to the data integrity problem. STUDY FINDS CHINESE HARDWARE POWERS U.S. VOTING MACHINE December 16, 2019 12:37 by Paul Roberts. A new study by the firm Interos found that many hardware components in a popular touchscreen voting machine used in the U.S. originate in China or Russia. Efforts by the federal government and campaigns to keep state sponsored hackers from Russia and China out of U.S. elections may have

overlooked a one

SPOTLIGHT PODCAST: DR. ZULFIKAR RAMZAN ON RSA'S NEXT ACT Thirty eight years after it was founded, RSA Security is embarking on what may be its most challenging journey yet: cybersecurity startup. In this Spotlight Podcast, sponsored by RSA, we’re joined by Chief Digital Officer Dr. Zulfikar Ramzan about the company’s path forward as an independent company. | The company ESTONIA 10 YEARS LATER: LESSONS LEARNED FROM THE WORLD'S Estonia 10 Years Later: Lessons learned from the World’s First Internet War. April 28, 2017 15:52 by Gadi Evron. In-brief: Gadi Evron recalls the denial of service attacks aimed at the government of Estonia in 2007 – one of the first recognized acts of ‘cyber war’ and a template for incidents that followed. Evron says there

were many

EXPLAINED: TWO-FACTOR VS. MULTI-FACTOR AUTHENTICATIONBEST MULTI FACTOR AUTHENTICATIONBEST MULTI FACTOR AUTHENTICATIONMULTI FACTOR AUTHENTICATION SOLUTIONSWHAT IS MULTI FACTOR AUTHENTICATIONWHAT IS MULTI FACTOR AUTHENTICATIONAMAZON DUAL FACTOR AUTHENTICATION Two-factor solutions also don’t adapt to a wide range of use cases and scenarios. The authentication factors required have nothing to do with a user’s risk profile or login scenarios. Also: the same two factors are required with every login, meaning the same level of security is applied to all users regardless of risk and contextual

factors.

SECOND UKRAINE POWER OUTAGE LINKED TO RUSSIAN HACKERS A December power outage in the city of Kiev in December has been linked to hacking activity by groups believed to be working on behalf of the government of Russia, according to published reports. Russian hacking crews were behind a brief power outage at the Pivnichna remote power transmission facility last month, using software based attacks

to

DAN GEER KEYNOTE: SECURITY OF THINGS FORUM The following is a transcript of a speech given by Dr. Dan Geer at the Security of Things Forum on May 7, 2014. The Forum was held at The Sheraton Commander in Cambridge, Massachusetts. The official copy of Dr. Geer’s speech lives on his web site, and can be found here. .Security of Things .Dan Geer, 7 May 14, Cambridge Thank you for your invitation and to the other speakers for their RESEARCHERS WARN OF PHYSICS-BASED ATTACKS ON SENSORS Researchers Warn of Physics-Based Attacks on Sensors. Billions of sensors that are already deployed lack protections against attacks that manipulate the physical properties of devices to cause sensors and embedded devices to malfunction, researchers working in the U.S. and China have warned. In an article in Communications of the ACM FBI, DHS WARN RUSSIAN DRAGONFLY GROUP STILL TARGETING US The Department of Homeland Security and the FBI on Thursday warned that the so-called "Dragonfly" hackers linked to the government of Russia are engaged in a "multi-stage intrusion campaign" against U.S. critical infrastructure, including the energy, nuclear, aviation and manufacturing sectors. WHAT SOLARWINDS TELLS US ABOUT SECURING THE SOFTWARE 1 day ago · The recent SolarWinds attack highlights an Achilles heel for enterprises: software updates for critical enterprise applications. Digital signing of code is one solution, but organizations need to modernize their code signing processes to prioritize security and integrity and align with DevOps best practices, writes Brian Trzupek the Senior Vice President of Products at DigiCert in this thought DIGITAL CERTIFICATE ARCHIVES The recent SolarWinds attack highlights an Achilles heel for enterprises: software updates for critical enterprise applications. Digital signing of code is one solution, but organizations need to modernize their code signing processes to prioritize security and integrity and align with DevOps best practices, writes Brian Trzupek the Senior Vice President of Products at DigiCert in this thought

THREATS ARCHIVES

News about the so-called VOHO “watering hole” attacks have faded from the headlines, but the hard work for hundreds of organizations who were victims of the attacks has just begun. STAFFORD, UNITED KINGDOM SolarWinds Hacked image. Stafford, United Kingdom – December 24 2020: Solarwinds logo seen on the smartphone screen, with simple brute

force

REPORT: CHINA RIDES CYBER ATTACKS TO SUPERPOWER STATUS Report: China Eyes IoT as Next Front of Cyber War on U.S. Etay Maor, Chief Security Officer at IntSights and author of a new report covering Chinese cyber strategy and tactics tells the Security Ledger that cyber lets China “level the playing field.”. While the US remains the world’s largest economy and military force, the report

notes

EXPLAINED: TWO-FACTOR VS. MULTI-FACTOR AUTHENTICATION Everyone knows that passwords alone aren’t enough. Weak, reused or old passwords cause 80 percent of data breaches. From phishing to ransomware, zero-day vulnerabilities, to man-in-the-middle attacks, to key-logging and password cracking, cyberattacks leverage faster tools and exploit known weaknesses to get around even the strongest of

passwords.

WITH REMOTE WORK: MFA MAKES EVERYONE HAPPY With Remote Work: MFA Makes Everyone Happy. The sudden shift to remote work poses two challenges to organizations: fending off cyber attacks and keeping your remote workers productive, according to LogMeIn’s Rachael Stockton in this opinion * UPDATE: TWO YEARS AFTER DISCOVERY DANGEROUS SECURITY HOLE Security researchers are again warning of a serious vulnerability in a GPS service by the China-based firm ThinkRace exposes sensitive data in scores of GPS services, more than two years after the hole was discovered and reported to the firm. NEXT PRIVACY TRAP FOR CONSUMERS? THEIR CARS. A self-driving Chevy Bolt on the GM assembly line. Self driving features in modern cars could pose risks for driver privacy. With flak still flying in the battle over the privacy of data shared on social networks, consumer advocates are raising a red flag about the data that is being collected and shared using another type of consumer platform: automobiles. RESEARCHERS WARN OF PHYSICS-BASED ATTACKS ON SENSORS Researchers Warn of Physics-Based Attacks on Sensors. Billions of sensors that are already deployed lack protections against attacks that manipulate the physical properties of devices to cause sensors and embedded devices to malfunction, researchers working in the U.S. and China have warned. In an article in Communications of the ACM

* About

* Sales

* Sponsorship & Media Kit * About Security Ledger

* Staff

* Contributors

* Top Stories

* Application Security * Internet of Things

* Connected Cars

* Connected Devices

* M2M

* Quantifiable Self

* Smart Home

* Sensors

* Wearable Computing

* Mobile Devices

* Supply Chain

* Threats

* Hacks & Hackers

* Malware

* Terrorism

* Expert Insights

* Thought Leadership

* Opinion

* Reports

* Video

* Podcasts

* Sponsors

* Current sponsors

* All sponsors

* Whitepapers

* Webinars

* Contact

* Subscribe

* Sales

FIND US ONLINE…

* twitter

* facebook

* rss

* linkedin

* youtube

* apple

* soundcloud

* podcast

* mail

* Contact

* Subscribe

* Sales

Cyber Security

News, Analysis and Opinion for The Internet Of Things Monday, April

27, 2020

Menu

* About

* Sales

* Sponsorship & Media Kit * About Security Ledger

* Staff

* Contributors

* Top Stories

* Application Security * Internet of Things

* Connected Cars

* Connected Devices

* M2M

* Quantifiable Self

* Smart Home

* Sensors

* Wearable Computing

* Mobile Devices

* Supply Chain

* Threats

* Hacks & Hackers

* Malware

* Terrorism

* Expert Insights

* Thought Leadership

* Opinion

* Reports

* Video

* Podcasts

* Sponsors

* Current sponsors

* All sponsors

* Whitepapers

* Webinars

OTHER NEWS

EXPERTS WARN COVID-19 RAISES STAKES FOR NATION STATE INFO-OPS

TARGETING US

April 24, 2020 by Jack Monahan The Covid-19 coronavirus may be novel, but security experts say that the cyber and disinformation strategies capitalizing on the crisis are

not.

SHARE THIS:

* Click to share on Facebook (Opens in new window) * Click to share on LinkedIn (Opens in new window) * Click to share on WhatsApp (Opens in new window) * Click to share on Reddit (Opens in new window) * Click to share on Twitter (Opens in new window) * Click to share on Pocket (Opens in new window) * Click to email this to a friend (Opens in new window) * Click to print (Opens in new window)

*

Continue Reading → EPISODE 182: HACKERS TAKE MEDICAL DEVICES ‘OFF LABEL’ TO SAVE

LIVES

April 23, 2020 by Paul Roberts In this episode of the podcast (#182) Trammell Hudson of Lower Layer Labs talks to us about Project Airbreak, his recent work to jailbreak a CPAP machines and how an NSA hacking tool helped make this inexpensive equipment usable as a makeshift respirator.

SHARE THIS:

* Click to share on Facebook (Opens in new window) * Click to share on LinkedIn (Opens in new window) * Click to share on WhatsApp (Opens in new window) * Click to share on Reddit (Opens in new window) * Click to share on Twitter (Opens in new window) * Click to share on Pocket (Opens in new window) * Click to email this to a friend (Opens in new window) * Click to print (Opens in new window)

*

Continue Reading → Photo by Markus Spiske from Pexels " data-medium-file="https://securityledger.com/wp-content/uploads/2020/04/coronavirus-statistics-scaled-1-300x200.jpeg" data-large-file="https://securityledger.com/wp-content/uploads/2020/04/coronavirus-statistics-scaled-1-1024x683.jpeg"> EPISODE 181: HOW SCAMMERS WEAPONIZE COVID ANXIETY April 15, 2020 by Paul Roberts In this episode of the podcast (#181), we’re joined by Shashi Prakash, Chief Scientist at the firm Bolster.ai, to talk about the surge in COVID 19-themed scams and phishing attacks in recent weeks and what individuals and companies can do thwart COVID-themed scams

and attacks.

SHARE THIS:

* Click to share on Facebook (Opens in new window) * Click to share on LinkedIn (Opens in new window) * Click to share on WhatsApp (Opens in new window) * Click to share on Reddit (Opens in new window) * Click to share on Twitter (Opens in new window) * Click to share on Pocket (Opens in new window) * Click to email this to a friend (Opens in new window) * Click to print (Opens in new window)

*

Continue Reading → AMID SECURITY CONCERNS: TO ZOOM OR NOT TO ZOOM? April 13, 2020 by David Weldon Zoom has rolled out new security features and promised a cyber security and privacy makeover after withering reports of the platform’s failings. In the meantime, enterprises are left to wonder ‘to Zoom or not Zoom?’

SHARE THIS:

* Click to share on Facebook (Opens in new window) * Click to share on LinkedIn (Opens in new window) * Click to share on WhatsApp (Opens in new window) * Click to share on Reddit (Opens in new window) * Click to share on Twitter (Opens in new window) * Click to share on Pocket (Opens in new window) * Click to email this to a friend (Opens in new window) * Click to print (Opens in new window)

*

Continue Reading → Photo by Trace Hudson from Pexels

"

data-medium-file="https://securityledger.com/wp-content/uploads/2020/04/man-standing-beside-train-2365701-300x261.jpg" data-large-file="https://securityledger.com/wp-content/uploads/2020/04/man-standing-beside-train-2365701-1024x892.jpg"> SPOTLIGHT PODCAST: PUBLIC SECTOR LEVELS UP TO TACKLE CYBER THREATS April 9, 2020 by Paul Roberts In this Spotlight edition of the podcast, sponsored* by RSA Security, we go deep on public sector cyber risk with two interviews from the most recent RSA Conference: Kelvin Coleman, the Executive Director of the National Cyber Security Alliance (NCSA) and Sean McHenry, the CISO of the Utah State Board of Education. In our second segment, we shift focus to the Pacific. Robert Carey the Vice President of Global Public Sector Solutions at RSA Security joins us with the man known as “Dr. AA”: Dr. Aswami Ariffin who is the head of response at Cybersecurity

Malaysia.

SHARE THIS:

* Click to share on Facebook (Opens in new window) * Click to share on LinkedIn (Opens in new window) * Click to share on WhatsApp (Opens in new window) * Click to share on Reddit (Opens in new window) * Click to share on Twitter (Opens in new window) * Click to share on Pocket (Opens in new window) * Click to email this to a friend (Opens in new window) * Click to print (Opens in new window)

*

Continue Reading →

1 2 3

… 346

Next »

LATEST PODCAST

EPISODE 182: HACKERS TAKE MEDICAL DEVICES ‘OFF LABEL’ TO SAVE

LIVES

Episode 182: Hackers take Medical Devices 'off label' to Save Lives April 23, 2020 Audio Player

00:00

00:00

00:00

Use Up/Down Arrow keys to increase or decrease volume. Episode 182: Hackers take Medical Devices 'off label' to Save Lives

— April 23, 2020

25:19

Episode 181: How Scammers weaponize COVID Anxiety — April 15, 2020

19:31

Spotlight Podcast: Public Sector levels up to tackle Cyber Threats

— April 9, 2020

34:32

Episode 180: Gary McGraw on Machine Learning Security Risks — March

31, 2020

29:34

Episode 179: CISO Eye on the Virus Guy - Assessing COVID's Cyber Risks — March 26, 2020

20:04

SIGN UP FOR THE SECURITY LEDGER A curated, weekly newsletter of the best security reporting.

Email Address

News and Analysis

The Daily Ledger

The Weekly Ledger

Security Ledger Podcast Kill Bit Daily (1 great infosec read each day)

Preferred Format

* HTML

* Text

A WORD FROM OUR SPONSORS

THANK OUR SPONSORS!

","load_all":false,"error_template":" {{ERROR}}","arrow_position":false,"toolbar":true,"infobar":false,"show_smallbtn":false,"inner_caption":false,"caption_position":false,"idle_time":false,"click_content":false,"click_slide":false,"click_outside":false,"animation_duration":false,"transition_duration":false,"small_btn_template":""}" data-row-height="" data-justified-margins="" data-gallery-theme="" id="envira-gallery-475307" class="envira-gallery-public envira-gallery-2-columns envira-clear enviratope" data-envira-columns="2" style="position: relative; height: 452.5px;"> THOUGHT LEADERSHIP 10 WAYS TO MAKE YOUR REMOTE WORK EASY AND SECURE March 30, 2020 AS CYBER ATTACKS MOUNT, SMALL BUSINESSES SEEK AUTHENTICATION FIX February 24, 2020 OPINION: AI AND MACHINE LEARNING WILL POWER BOTH CYBER OFFENSE AND DEFENSE IN 2020 February 6, 2020 IT ASSET DISPOSITION (ITAD) IS THE SLOW MOTION DATA BREACH NOBODY NOTICES January 14, 2020 RESOLVE TO FIX YOUR ONLINE SECURITY MESS IN 2020. HERE’S HOW.

December 29, 2019

EXPLAINED: TWO-FACTOR VS. MULTI-FACTOR AUTHENTICATION

September 30, 2019

RSA WARNS DIGITAL TRANSFORMATION IS SUPERCHARGING DIGITAL RISK

September 20, 2019

*

*

*

*

*

*

*

READERS RESPOND

* Spotlight Podcast: How Machine Learning is revolutionizing

Application Fuzzing

5 comments

* Spotlight Podcast: How DU Telecom Manages Digital Transformation

Risk

5 comments

* Seven Years Later, Scores of EAS Systems sit Un-patched,

Vulnerable

4 comments

* Episode 179: CISO Eye on the Virus Guy - Assessing COVID's Cyber

Risks

4 comments

* IT Asset Disposition (ITAD) is the Slow Motion Data Breach Nobody

notices

3 comments

RECENT POSTS

*

EXPERTS WARN COVID-19 RAISES STAKES FOR NATION STATE INFO-OPS

TARGETING US

*

EPISODE 182: HACKERS TAKE MEDICAL DEVICES ‘OFF LABEL’ TO SAVE

LIVES

*

EPISODE 181: HOW SCAMMERS WEAPONIZE COVID ANXIETY

ARCHIVES

Archives Select Month April 2020 March 2020 February 2020 January 2020 December 2019 November 2019 October 2019 September 2019 August 2019 July 2019 June 2019 May 2019 April 2019 March 2019 February 2019 January 2019 December 2018 November 2018 October 2018 September 2018 August 2018 July 2018 June 2018 May 2018 April 2018 March 2018 February 2018 January 2018 December 2017 November 2017 October 2017 September 2017 August 2017 July 2017 June 2017 May 2017 April 2017 March 2017 February 2017 January 2017 December 2016 November 2016 October 2016 September 2016 August 2016 July 2016 June 2016 May 2016 April 2016 March 2016 February 2016 January 2016 December 2015 November 2015 October 2015 September 2015 August 2015 July 2015 June 2015 May 2015 April 2015 March 2015 February 2015 January 2015 December 2014 November 2014 October 2014 September 2014 August 2014 July 2014 June 2014 May 2014 April 2014 March 2014 February 2014 January 2014 December 2013 November 2013 October 2013 September 2013 August 2013 July 2013 June 2013 May 2013 April 2013 March 2013 February 2013 January 2013 December 2012 November 2012 October 2012 FOUNDER AND EDITOR IN CHIEF

PAUL F. ROBERTS

I'm the founder and Editor in Chief of The Security Ledger (securityledger.com), an independent security news and analysis publication that explores the intersection of cyber security with the

Internet of Things.

PERSONAL LINKS

* The Security Ledger * The Security of Things Forum

* pfroberts.com

* Blogging Belmont

View Full Profile →

THE SECURITY LEDGER

Copyright © 2020 The Security Ledger Designed by WPZOOM Send to Email Address Your Name Your Email Address Cancel Post was not sent - check your email addresses! Email check failed, please try again Sorry, your blog cannot share posts by email.