The U.S. Cyber Trust Mark will help consumers identify IoT products meeting baseline security standards. Finite State can guide you through pre-certification & beyond. Check out our blog & drop your questions below 👉. #IoTSecurity #CyberTrustMark.

RT @hevnsnt: 🚨 BIG NEWS! 🚨 @haxorthematrix and I were accepted to to #Shmoocon! We are bringing the #CYA - Cover Your Ass - A cheap BLE Tr….

Ok, I know I posted this the other day, but now it is all official like:. Big news! I’m a #SANSDMA nominee! Voting closes Friday, October 4 and I’d love if you could vote for me. Cast your vote now:

Hey all, Security Weekly has been nominated for a SANS Difference Maker award, and we are in the top 5 finalists. Go vote for us!  .

RT @FiniteStateInc: Great turnout for @haxorthematrix session yesterday @automotive_iq #AutoCyberSec24 in Detroit. We're always so honored….

RT @FiniteStateInc: The U.S. Cyber Trust Mark. ✔️ What is it? When will it go into effect? How will it impact manufacturers and consumers?….

RT @d0tslash: Visualize the DJI 2017 AWS data leak with @CARTO to help grok what it may mean with regard to #HR2864 cc @EliseStefanik @RepS….

RT @FiniteStateInc: Known as Looney Tunables (CVE-2023-4911), a newly disclosed vulnerabiilty impacts a vast number of Linux systems. While….

Hey folks, @securityweekly and I have been nominated for TWO SANS Difference Maker awards, One for podcast and one for lifetime achievement! Go vote for us at (search for "paul" to make it easy to find both of our entries).

RT @FiniteStateInc: 🚨 Vulnerability Alert: The WebP Library (CVE-2023-4863) 🚨 . New updates reveal that the vulnerability originally disco….

RT @FiniteStateInc: We're thrilled to be participating in an upcoming webinar hosted by @SecurityWeek alongside our friends @microsoft. Joi….

To all of my old hacker friends, don’t forget to refill your DEF CON ibuprofen… #DEFCON31.

RT @FiniteStateInc: We've got a little something to help you make it to 5pm! Episode 21 of our podcast is out today! Eric & @haxorthematrix….

RT @brianhalbach: Come hack some door access systems with me at Defcon’s @physsec

They look great!.

If you do Kubernetes, you need this class. Jay does amazing work!.

While still in the public comment phase, I'm like that CVSS 4.0 scoring can improve how organizations can make decisions on risk. Benefits from the proposed metrics can contextualize actual exploitability, and how it applies to OT/ICS and even healthcare.

In an apparent series of "Why does this thing need to be IoT enabled", Cyrill Künzi hacked his Philips Sonicare toothbrush: It is NFC enabled! . @atc1441 dropped the NFC password calculation: Now in the Proxmark Iceman firmware.

One of my amazing coworkers jsut put together some thoughts on the new and upcoming CVSS 4.0 scoring. TL;DR: He's excited.

We all knew it would happen. In this case it was not from l33t IoT hax, but a lack of segregation of duties; Support had access to all of the video whether they needed it or not. Further proof that security basics need to apply to the whole IoT ecosystem.