 The Department of Homeland Security warned that there are critical security flaws in Emergency Alert System encoder/decoder devices. The flaw could be used to send fake emergency alerts. More: - The announcement was made through an online public statement by the federal agency.
- If the systems are not updated, cable networks and radio stations could be used by threat actors to cause panic in the general population by sending fake emergency alerts.
- This bug in EAS was found by a security researcher who claims that this flaw is the result of other more minor bugs being neglected for many years.
- Through this bug, hackers can obtain access to the credentials, certs, and devices, exploit the web server, send fake alerts via crafts message, pre-empt signals, and lock legitimate users out.
- EAS is a U.S. national public warning system that allows the president or state and local authorities to deliver critical information in case of federal or local emergency.
| |
 Thousands of Solana crypto wallets have been hacked by an unknown threat actor. The hacker is believed to have stolen millions of dollars. More: - The threat hacker breached over 7,700 wallet accounts, including wallets opened with Slope and Phantom.
- According to reports, hackers stole over $5M in funds.
- Solflare and Trust wallets are also believed to have been affected by the breach.
- The threat vector used to gain access to these wallets could be a supply chain attack, a zero-day browser flaw, or a faulty random number generator used in the key generation process.
- Solana has recommended transferring assets to a cold wallet or to a centralized storage company.
| |
 A message from SQUARE When your tools work together, your business works like magic. Square hardware and software are built to work together – and no matter what tools you choose, it’s all reliable, easy to use, and designed to work in sync. Take payments in person, online or on the go. No matter what kind of business you run, Square has the tools you need to never miss a sale. Get tools that come together to bring out the best in your business. New US-based Inside.com readers receive: - Flexible, all-in-one solution trusted by millions of business owners
- Free processing on up to $1,000 in credit card transactions for the first 180 days.
- Afterwards, you pay the standard 2.6% + $0.10 per swipe for all major credit cards.
Get Started Free
| |
 CISA has added a high-severity vulnerability in the Zimbra email suite to its Known Exploited Vulnerabilities Catalog. CISA stated that the vulnerability is being actively exploited. More: - The flaw is being tracked as CVE-2022-27924 and has a CVSS score of 7.5
- Hackers execute the breach by injecting malware that executes Memcached commands.
- If the injection is successful, the Memcached command overrides security protocols and steals cleartext credentials.
- The origin of this hacking campaign is unknown at this point.
| |
 Hackers have tried to extort QuestionPro after claiming they hacked the company. QuestionPro is still investigating whether a breach happened. More: - The threat actor responsible for the possible breach is Pompompurin.
- According to reports, Pompompurin did not ask for a ransom, but another group involved in the breach did.
- QuestionPro stated that it was asked to pay a $1M ransom in BTC, a request the company ignored.
- The stolen database possibly contains 22 million email addresses, while QuestionPro stated that it would notify users whenever it confirms that a data breach has happened.
- Pompompurin has been involved with other breaching cases, such as last year's Robinhood breach, when 7 million emails from the app's user base were sold online.
| |
 A message from WIND RIVER Can a real-time operating system fill your embedded system needs? A real-time operating system (RTOS) is an operating system with two key features: predictability and determinism. In an RTOS, repeated tasks are performed within a tight time boundary, while in a general-purpose operating system, this is not necessarily so. Predictability and determinism, in this case, go hand in hand: We know how long a task will take, and that it will always produce the same result. - Determinism: Repeating an input will result in the same output.
- High performance: RTOS systems are fast and responsive, often executing actions within a small fraction of the time needed by a general OS.
- Safety and security: As RTOSes are frequently used in critical systems, such as robotics or flight controllers, they must have higher security standards and more reliable safety features.
- Priority-based scheduling: Actions are scheduled according to their assigned priority; the most important tasks come first.
- Small footprint: Versus their hefty general OS counterparts, RTOSes weigh in at just a fraction of the size: Windows 10, with post-install updates, takes up approximately 20 GB. VxWorks, on the other hand, is measured in the low single-digit megabytes.
In this webinar, we'll go through some of the features of real-time operating systems that can revolutionize your embedded development process, and make sure that an RTOS is the right solution for your use-case. Watch Now
| |
Texas-based cybersecurity startup Ghost has raised $15M in a funding round. The company raised funds from 468 Capital, DNX Ventures, and Munich Re Ventures. More: - Ghost Security aims to create a new approach to stopping attacks against applications, APIs, and microservices.
- This technology lets security researchers profile normal behavior and detect when something risky happens.
- Ghost Security uses machine learning to supervise potential breaches but lets the algorithm learn on its own rather than feed it data like most companies do.
- The company aims to use the funds to grow its team of 15 people and expand its development efforts.
| |
Quick Hits - 2022 Capital Gains of $250K+? Reinvest them and unlock attractive tax incentives like tax deferral. Learn How — Grab This No-Cost Investor Guide.*
- The Association of German Chambers of Industry and Commerce has been hit by a cyberattack, forcing the organization to shut down its digital services, email servers, and telephones.
- The Forum of Incident Response and Security Teams has published TLP 2.0, its first in five years after the release of the initial version.
- CISA has released its list of the most widely spread malware attacks for 2021. The most used malware strains were Agent Tesla, AZORult, Formbook, Ursnif, LokiBot, MOUSEISLAND, NanoCore, Qakbot, Remcos, TrickBot, and GootLoader.
- The U.K. is considered Europe's credit card fraud capital, according to a new report.
- Get a FREE Trial Pack of Super Coffee's NEW Tasty Pastry flavors that contain 0g of sugar, 10g of protein, and 200mg of caffeine. Just cover shipping!*
*This is sponsored content.
| |
Upcoming events at Inside:
| |
 |  | Arbër is an Inside writer who also has experience in entrepreneurship. He has experience covering Consumer Tech, Venture Capital, NFTs, Crypto, etc. Arbër holds a Bachelor's degree in Business from XAMK University in Finland. When he is not reading(and writing) business news, he chooses to watch sports or anime...and then read news about sports or anime. |   | | Editor | Aaron Crutchfield is based in the high desert of California. Over the last two decades, he has spent time writing and editing at various local newspapers and defense contractors in California. When he's not working, he can often be found looking at the latest memes with his kids or working on his 1962 Ford. | |
| |
For nearly 35 years, VxWorks has been used to ensure the security, safety, and reliability you need to design and build mission-critical embedded systems that simply must work.
| |
