New cross-agency cybersecurity reviews for US banks may be coming next year. Regulator concerns still exist about the controls in this critical sector, in particular with smaller banks. ft.com/content/69a252…

ICYMI: Infographic for SANS OT/ICS survey. Show more investment in this space, which is great news! sans.org/media/Infograp…

Interesting article on the current state of BlueKeep. It’s easy to forget about it when there isn’t mass exploitation, but no one knows for sure when that switch will flip. wired.com/story/bluekeep…

Yes, Windows 7 is losing free security patches in January, and yes patches can be had under a paid contract. But it is also 10 years old and missing loads of other security improvements; see the comparison table here: blogs.technet.microsoft.com/askpfeplat/201…

2019: The Year of International Medical Device Security Guidance. Australia, Canada, and now France: raps.org/news-and-artic…

ICYMI, detailed instructions on how to exploit BlueKeep are now available. Pretty interesting technical read. This, combined with the available-for-purchase version announced this week, makes me think we will see a BlueKeep worm very soon. arstechnica.com/information-te…

It will be interesting to see how quickly this will be exploited. It’s not your everyday operating system, but that doesn’t mean it doesn’t have flaws: wired.com/story/vxworks-…

$3M lost in a recent ATM hacking scheme; hacking group apparently has two members: theregister.co.uk/2019/07/03/sil…

Great preview of Biohacking Village 🧪 by Lily Hay Newman in Wired today. Some seriously great work by U.S. FDA, medical device makers, Mayo Clinic, Cal Poly, and the hundred or so others putting on the event at DEF CON. Come check us out! wired.com/story/defcon-m…

Medical devices and BlueKeep...a perspective on what healthcare providers should be thinking about as recent public exploit information shortens the timetable: pwc.com/us/en/industri…

Glad to see awareness being raised on the Magecart-style JavaScript slimming attacks. Don’t forget about third party hotlinked scripts! pcisecuritystandards.org/pdfs/PCISSC_Ma…

Interesting data points in the 2019 HIMSS cyber survey...a pretty quick read. Budgets seem to be mostly up, but significant work remains: himss.org/sites/himssorg…

Interesting story of a 4-person IT team quickly rebuilding hospital systems after a ransomware attack. azcentral.com/story/news/loc…

Interesting data points on software issues (including Cybersecurity vulnerabilities) as the top cause of medical device recalls: mddionline.com/dont-become-po…

Friendly Reminder that our Call for Papers for the Speakers Lab will be closing on July 1 AT 11:59 EST. We know you have been working so diligently on securing devices and research and we want to hear & read ALL about it. Submission link is below! 😊 villageb.io/cfp-2020

We can’t wait to show off what’s waiting for you in the Biohacking Village: Device Lab this year. Do you want an early preview?

What’s holding you back from helping defend St. Elvis Hospital 🏥 in our Hospital Under Siege CTF? (no pressure, it will be fun, we just wanna know) forms.gle/x2jgSX59YqsEhn…

7yr ago!!! We launched at BSides Las Vegas ... Thx to ALL who've helped make the world... Safer… Sooner… Together… Reflections to come