Baets by Der
Friendly advice from Red Balloon Security: Just pay the extra $2 Recently, we wanted to use some wired headphones with an iPhone, which sadly lacks a headphone jack. The nearest deli offered a solution: a Lightning-to-headphone jack adapter for only $7. Got to love your local New York City bodega. But a wrinkle appeared: […]
Red Balloon Security Wins 2022 NSF Convergence Accelerator Award for Proposed Improvements to 5G Cybersecurity Through Hardening of Embedded Devices
We’re one of 16 teams chosen to enhance the secure operation of 5G infrastructure. Red Balloon Security has received a $682,000 award from the National Science Foundation’s Convergence Accelerator Program, which includes participation in Phase 1 of the program’s Track G: Securely Operating Through 5G Infrastructure. The Department of Defense is aligned with the NSF […]
OFRAK: A BOON TO THE CYBER SECURITY COMMUNITY, EMBEDDED DEVICE MANUFACTURERS, AND END USERS, IN 7 QUESTIONS
The release of RBS’s firmware reverse engineering tool is consistent with government and industry calls for higher security standards.
DEF CON 30 Badge Fun with OFRAK
The TL;DR? We used OFRAK to rewrite the badge firmware so that it auto-plays the solution for Challenge 1. Check out our video and full breakdown.
Embedded Systems and Aerospace & Satellite Cybersecurity
Red Balloon Security White Paper Defending From Within: Why Embedded Systems Are the Essential to Achieving Space and Satellite Cybersecurity Table of Contents: Executive Summary State of Cybersecurity in Space and Satellite Systems The Global Landscape 3 Shaping a Safer Future RedBalloonSecurity Investigations CyberLeo 2022 Defend from Within: Symbiote Embedded Defense for […]
ICS-CERT vulnerability analysis
What’s in a vulnerability: Evaluating host-based defense through recent ICS device data We analyzed data from the national vulnerability database to assess the applicability of on-device security features Whether they are discovered by independent researchers, manufacturers, or cyber attackers, device vulnerabilities traditionally have been remedied via patching. Although reactive, patching’s effectiveness is easy enough to […]
Why embedded device security is essential to ICS systems
Protections at the device level are not a replacement for security controls in OT systems and networks. They’re a necessary extension of them. Embedded devices in industrial control systems (ICS) operate within an increasingly complex array of systems, networks and protocols. The complexity is only increasing as end users require more insight into how ICS […]
RBS’s Satellite 2022 Conference quick take on cybersecurity: Increasing urgency, few immediate solutions
The Ukrainian conflict amplified serious questions about satellite security in this year’s conference. But questions aren’t action, which is needed now to protect this critical industry. The Ukrainian conflict amplified serious questions about satellite security in this year’s conference. But questions aren’t action, which is needed now to protect this critical industry. The Ukrainian conflict […]
Adventures of Captain Obvious Issue #24.2
ADVENTURES OF CAPTAIN OBVIOUS ISSUE #24.2 The Cybersecurity Chronicles: Red Balloon Security’s graphic depiction of real-world questions.
DHS, Department of Commerce get it right: Firmware security is “overlooked,” — and a genuine cybersecurity risk
A new report on ICT supply chains helps frame the ongoing threats to the essential code in embedded devices. A new report on ICT supply chains helps frame the ongoing threats to the essential code in embedded devices. A new report on ICT supply chains helps frame the ongoing threats to the essential code in […]