A Timesys Deep Dive Embedded Systems Newsletter
- Cybersecurity news: Critical hijacking bugs and how to stay ahead of them with our new CVE dashboard
- Here’s how to get early access to our cybersecurity survey results
- Learn from new Yocto security blogs: automating compliance using OpenSCAP and logging with auditd
- Upcoming events: conferences around the world and Security Vulnerability Management 101
Cybersecurity in the News: Critical Hijacking Bugs That Can Lead to Full Network Compromise Discovered in Azure Defender for IoT
Two CVEs scored a 10 out of 10 for severity
According to The Register:
“SentinelOne this week detailed a handful of bugs, including two critical remote code execution vulnerabilities, it found in Microsoft Azure Defender for IoT.
These security flaws, which took six months to address, could have been exploited by an unauthenticated attacker to compromise devices and take over critical infrastructure networks.”
Want the full scoop on the headline-making CVEs you need to know about? We’ve launched the Timesys CVE Dashboard, updated weekly with details on the dangerous security vulnerabilities that could be affecting your device.
Get early access to the results from our industry-wide survey
Sign up to be added to our early access list. You’ll be among the first to read the industry insights from our cybersecurity survey.
Read up on Yocto Security with Our Two Latest Blogs
Yocto Security: Automating compliance using OpenSCAP
Whether you are looking to embrace security automation or trying to meet regulatory compliance requirements, SCAP can play an important part of your security toolbox. Leveraging the OpenSCAP project, one can get a jumpstart in building secure devices that can be easily audited in an automated fashion.
Yocto Security: Logging with auditd
The Linux audit framework is a security system which can provide accurate information about almost all security-relevant actions running processes may take on a system. The logs created using the audit framework can be used to investigate potential security incidents. Read the full blog for info on installation to using rules files and beyond.
Conferences Around the World You Don’t Want to Miss
Embedded Online Conference
A conference for embedded systems engineers
April 25-29, online
So much learning to do, and so little time. Don’t worry if you’re joining late — many talks are available on-demand.
Be sure to stop by the “demo” area to see our new Embedded Board Farm video!
Cybersecurity industry event
May 4, Pittsburgh, PA
Join us in our hometown for the 7th annual Cyburgh, a forum for cybersecurity, IT, and business professionals to engage with and learn from peers, thought leaders, and solution providers.
Our very own Al Feczko will present a tech talk on software supply chain security
2nd European Medical Device & Diagnostic Cybersecurity + Software Development & Compliance
Joint live conference
May 17-18, Brussels
We are thrilled to be sponsoring this year’s event, and our very own Maciej Halasz will be presenting on securing the open source embedded software supply chain for medical devices.
Embedded Technology Convention USA 2022
Embedded Technologies & Systems Showcase
June 8-9, Las Vegas, NV
Join us at the Embedded Tech Convention with 5000 of our closest friends! Discover the latest technological innovations and trends, expand your industry knowledge and extend your global professional network.
Embedded World 2022
Exhibition & Conference
June 21-23, Nuremberg
Will you be at Embedded World this year? We’re excited to showcase our latest security solutions as a featured partner with our friends at STMicroelectronics.
Security Vulnerability Management 101Tool & Techniques to Monitor and Remediate Vulnerabilities in Your SBOM
In this monthly live webinar and Q&A session, you’ll learn:
– Why you need to manage your open-source software risks
– How to generate an accurate SBOM (Software Bills of Materials) and why it matters
– Tools and techniques to monitor and remediate vulnerabilities in your SBOM
– And much more!