News, ideas, and perspectives on security, safety, and privacy in
Communications, IIoT, and beyond.

Here’s How to Protect Firmware Against Cyberattack

November 04, 2021
| Kylee Malkiewicz

In recent years, we have seen a significant rise in attacks on firmware.  A survey conducted by Microsoft concluded that in the last four years, there has been a 500% increase in reported firmware attacks, and 83% of surveyed businesses reported...

Defense-in-Depth

Why Are Buffer Overflows So Dangerous?

October 11, 2021
| Kylee Malkiewicz

We talk about buffer overflows a lot. So much so, it almost seems silly to be writing another article dedicated to this software vulnerability.  But, it’s worth driving the point home: buffer overflows are one of the most dangerous software...

Security CoreGuard Safety Privacy Defense-in-Depth

Comparing Armv9 Security Features & Dover’s CoreGuard Technology

October 05, 2021
| Greg Sullivan

In March 2021, Arm announced the release of its new Armv9 architecture. The first new architecture in a decade, Armv9 includes new security features—from compartmentalization to memory safety to pointer authentication.

Security CoreGuard Safety Privacy Defense-in-Depth

An Analysis of Recent Changes to MITRE’s CWE Database

August 30, 2021
| Leslie Barthel

The ever-expanding universe of cybersecurity threats plaguing embedded systems today is  only getting more dangerous, costly, and pervasive with every year that passes.

Security Defense-in-Depth

Stopping the Most Common CWE Threats in Embedded Systems

August 17, 2021
| Leslie Barthel

 

The threat universe for embedded systems is seemingly endless. To try to make sense of it all, we turn to MITRE’s CWE database. It’s a publicly-available, community-developed list of software and hardware weaknesses. Its purpose is to serve as...

Security CoreGuard Defense-in-Depth

A Q&A on Securing Embedded Systems

August 12, 2021
| Kylee Malkiewicz

In order to make sense of the many threats plaguing embedded systems today, we turn to MITRE’s Common Weakness Enumeration (CWE) database. This database serves as a tool to help categorize the tens of thousands of common vulnerabilities and...

Security CoreGuard Defense-in-Depth

Everything You Need to Know About CWEs

July 21, 2021
| Kylee Malkiewicz

In order to understand the many potential cyberattacks that threaten you and your organization, we turn to MITRE’s Common Weakness Enumeration (CWE) database as a key first step.

Security Defense-in-Depth

How to Secure Systems with Fine-Grained Compartmentalization

June 30, 2021
| Kylee Malkiewicz

Compartmentalization is one of the seven layers in the Cybersecurity Stack. It works by separating data and software on a processor into different compartments to effectively limit the scope of damage of potential cyberattacks only to the...

Security CoreGuard Defense-in-Depth

Here's Everything You Need to Know About the Baron Samedit Bug

June 08, 2021
| Jothy Rosenberg

In January 2021, a major buffer overflow vulnerability, impacting a large chunk of the Linux ecosystem, was discovered in the sudo application by security auditing firm, Qualys. The vulnerability, known widely as “Baron Samedit,” received a CVE...

Security CoreGuard Defense-in-Depth

How the DoD Orange Book Paved the Way for Modern Cybersecurity

May 12, 2021
| Jothy Rosenberg

Solving the problem of how to prevent cyberattacks has been a priority even before the first internet-born cyberattack, the Morris Worm. It was a buffer overflow attack that spread rapidly and became a viral denial of service attack and it was...

CoreGuard Defense-in-Depth