Supply Chain Security - Ivan Arce - PSW #781 | allinfosecnews.com

April 20, 2023, 5:34 a.m. | Security Weekly

Security Weekly www.youtube.com

We will talk about Supply chain security, the TPM 2.0 vulnerabilities recently discovered by a Quarkslab researcher, bugs in reference implementations, vulnerability disclosure and perhaps various other topics.

Segment Resources:

Vulnerabilities in the TPM2.0 reference implementation
https://blog.quarkslab.com/vulnerabilities-in-the-tpm-20-reference-implementation-code.html

Vulnerabilities in High Assurance Boot of NXP i.MX microprocessors
https://blog.quarkslab.com/vulnerabilities-in-high-assurance-boot-of-nxp-imx-microprocessors.html

Heap memory corruption in ASN.1 parsing code generated by Objective Systems Inc. ASN1C compiler for C/C++

https://github.com/programa-stic/security-advisories/blob/master/ObjSys/CVE-2016-5080/README.md

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw781

asn assurance boot bugs code compiler corruption disclosure generated high memory memory corruption microprocessors parsing psw reference researcher resources security segment supply supply chain supply chain security systems topics tpm tpm 2.0 vulnerabilities vulnerability vulnerability disclosure

More from www.youtube.com / Security Weekly

ChatGPT Writes Exploits - PSW #827 13 hours ago | www.youtube.com

banning chatgpt chips default +12

Preparation: The Less Shiny Side of Incident Response - Joe Gross - ESW #360 14 hours ago | www.youtube.com

breaking down important incident +4

Kicking Off With Crypto - PSW #827 1 day, 2 hours ago | www.youtube.com

articles computing crypto cryptography +14

AI, Okta, Chrome, Quantum, Kaiser Permanente, FTC, FCC, NCSC, Josh Marpet, and more. - SWN … 2 days, 22 hours ago | www.youtube.com

chrome fcc ftc josh +8

Random Problems, Protecting Packages, and Vulns in Designs, Defaults & Data Leaks - ASW #283 3 days ago | www.youtube.com

code data data leaks leaks +11

Why Companies Continue to Struggle with Supply Chain Security - Melinda Marks - ASW #283 3 days ago | www.youtube.com

address chaos companies continue +15

Air Gapped! The Myth of Securing OT - Thomas Johnson - CSP #172 3 days, 2 hours ago | www.youtube.com

air companies controls csp +11

Meet Silver SAML: Golden SAML in the Cloud - Eric Woodruff - BSW #348 3 days, 19 hours ago | www.youtube.com

access applications attackers attacks +22

Board's Pivotal Role in Cybersecurity as CISO-CEO Communication Gaps Continue - BSW #348 3 days, 19 hours ago | www.youtube.com

board ceo ciso communication +7

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote

View on infosec-jobs.com

Intern, Cyber Security Vulnerability Management

@ Grab | Petaling Jaya, Malaysia

View on infosec-jobs.com

Compliance - Global Privacy Office - Associate - Bengaluru

@ Goldman Sachs | Bengaluru, Karnataka, India

View on infosec-jobs.com

Cyber Security Engineer (m/w/d) Operational Technology

@ MAN Energy Solutions | Oberhausen, DE, 46145

View on infosec-jobs.com

Armed Security Officer - Hospital

@ Allied Universal | Sun Valley, CA, United States

View on infosec-jobs.com

Governance, Risk and Compliance Officer (Africa)

@ dLocal | Lagos (Remote)

View on infosec-jobs.com