IN THE NEWS TODAY
Scam Farms Marque and Reprisal Authorization Act of 2025
The Scam Farms Marque and Reprisal Authorization Act of 2025 (H.R. 4988) has reignited debate around offensive cyber operations. The bill would let the [...]
Securing AI with NIST SP 800-53 Control Overlays
NIST is working on Control Overlays for Securing AI Systems (COSAIS), a project that adapts the widely used SP 800-53 security controls to the [...]
NIST SP 1331: Preparing for the Risks We Can’t Yet See
NIST’s new draft, Special Publication 1331, is a quick-start guide on how to use the Cybersecurity Framework (CSF) 2.0 to manage emerging cybersecurity risks. [...]
Balancing Power and Risk: The Air Force’s AI Doctrine
With the release of Doctrine Note 2-5.1, the U.S. Air Force has taken a deliberate step toward integrating artificial intelligence (AI) into its operational mindset. [...]
Vibe Coding Risks: Productivity at What Cost?
The Rise in Vibe Coding: A new trend known as vibe coding is taking over software engineering, a change in mindset from hands-on [...]
PRESS RELEASE: ObjectSecurity Releases BinLens 3.2 for Advanced Binary Vulnerability Analysis
San Diego, CA — April 2, 2025 — ObjectSecurity, a recognized leader in advanced defense and industrial cybersecurity solutions, today announced the release of BinLens™ [...]
Case Study: Enhancing IoT Security Compliance with ObjectSecurity BinLens
Company: P3iD Technologies; Industry: Digital Transformation & Security Solutions; Use Case: Automated Binary Vulnerability Analysis for IoT Security Compliance; Background: P3iD [...]
PRESS RELEASE: ObjectSecurity Releases BinLens 3.1 for Advanced Binary Vulnerability Analysis
San Diego, CA — February 14, 2025 — ObjectSecurity, a recognized leader in advanced defense and industrial cybersecurity solutions, today announced the release of BinLens™ [...]
The Limits of SAST: Predicting the User
In SAST (static application security testing), source code is analyzed without being executed. SAST can be used to detect buffer overflows, injection flaws, and [...]
“Rewrite it in Rust”: A Brute Force Approach to Memory Safety
In Exploring Memory Safety in Critical Open Source Projects, CISA, the FBI, and other foreign cyber security agencies report that approximately 52% of critical [...]
CrowdStrike: A Lesson in Memory Safety
This blog post discusses the recent CrowdStrike incident where a flawed update caused blue screen errors (BSODs) on Windows systems, leading to widespread disruptions. [...]
How can a Stack Buffer Overflow be used to Execute Arbitrary Code?
The article explains Stack-based Buffer Overflow attacks (CWE-121), highlighting their mechanisms, severe consequences, and the lack of protections in embedded devices. It illustrates exploitation [...]
PRESS RELEASE: NIST Awards ObjectSecurity OT Cybersecurity Grant
San Diego, Calif. – June 24, 2024 – ObjectSecurity, a leader in solving complex, evolving defense and industrial cybersecurity and supply chain risk challenges, today [...]
A Deep Dive into the Recent Eclipse ThreadX CVEs: Who’s Affected?
This blog post discusses two newly discovered CVEs affecting Eclipse ThreadX before version 6.4.0: CVE-2024-2214 and CVE-2024-2212. Discovered by Humanativa Group, these vulnerabilities involve [...]
PRESS RELEASE: DARPA Awards ObjectSecurity $1.5M Embedded Device Analysis Contract
San Diego, Calif. – May 24, 2024 – ObjectSecurity, a leader in solving complex, evolving defense and industrial cybersecurity and supply chain risk challenges, today [...]
Finding Segmentation Faults in Binary Machine Code: Comparing Different Approaches
The blog post explores different approaches to finding segmentation faults in binary machine code. It compares static analysis, fuzzing, and concolic analysis. While static [...]
You Should be Automating Binary Reverse Engineering: Here’s Why.
Binary reverse engineering is a luxury not many can afford. Up until now, there haven't been options to automate and scale the skills and [...]
Detecting the xz-utils Backdoor with Automation
In this ObjectSecurity blog post, we discuss how automated binary vulnerability analysis helps detect advanced attacks such as the recently discovered "xz-utils backdoor", which [...]