Security News


NSA Releases Java-Based Reverse Engineering Tool

The National Security Agency has open sourced its Ghidra software reverse engineering (SRE) framework.

Flaws Left Unpatched, Unstopped Malware Contribute to Growing IoT Attacks

According to a recent IoT security report from F-Secure, a lack of good password security (or no password at all) combined with unpatched vulnerabilities contribute to 87 percent of all IoT attacks.

IBM Launches Security Testing Service for Blockchain-Based Products

This week IBM's X-Force Red security division announced it has launched a new testing service to help find weaknesses and fix vulnerabilities in Blockchain-based releases.

Researchers Warn of Insecure Online Coding Advice

Several studies have linked the use of open source software and tutorials with the introduction of security vulnerabilities in production code, but a new one finds the same problem with online coding advice.

Colorful Highway Graphhic

Coinbase, Bitfly Say Reorganizations Detected on Ethereum Classic's Blockchain; ETC Devs Deny Claim

On Jan. 5 Coinbase detected a deep chain reorganization on the Ethereum Classic (ETC) blockchain, including a double spend.

Firm Applies Machine Learning to Mobile App Security

Facing ever-more-sophisticated attack vectors, companies like Zimperium are infusing emerging AI technologies like machine learning into their mobile app defense solutions.

Open Source Survey Shows Python Love, Security Pain Points

ActiveState published results of a survey conducted to examine challenges faced by developers who work with open source runtimes, revealing love for Python and security pain points.

GitHub Adds Security Alerts for Java and .NET

The popular code repository and social coding platform recently acquired by Microsoft launched the feature last year, initially covering JavaScript and Ruby. Python coverage was added earlier this year.

Security Report Calls for Enterprise App Lifecycle Revamp

Enterprise mobile and Web app development is riddled by security gaffes, according to a new report from WhiteHat Security, which is calling for a revamp of the development lifecycle.

Appdome Updates Mobile Security Offerings

The company boosted the capabilities of its code obfuscation product and unveiled man-in-the-middle attack protection.

Study: Open Source Software Contributes to Mobile App Vulnerabilities

A new study examined hundreds of popular Android apps for security vulnerabilities, finding that the improper use of open source software puts organizations and users at risk.

Java SE Patches in Latest Oracle's CPU Mark a 12-Month Low

This CPU includes eight new Java SE patches, which is a 75 percent drop from a 30-month high set in July 2017.

Report: Unsecured Firebase Mobile Databases Leaking Enterprise Data

Cloud developers still aren't securing their data stores, a new report claims, resulting in the exposure of private enterprise information stored in Firebase, Google's mobile back-end platform.

Okta Releases Free 'API for One App' for Single App Security

On Wednesday identity cloud security provider Okta Inc. announced the launch of API Products for One App, an API-based tool for authenticating single Web sites and applications.

Java-Based Cloud Provider Jelastic Adds Cloud Security Features

Cloud hosting platform provider Jelastic has released a new version of Jelastic Shield, with which the company adds a number of security enhancements to its evolving PaaS/IaaS platform.

Firms Team Up for No-Code Mobile Anti-Bot SDK Integration

Mobile app integration specialist Appdome has entered a partnership to provide smoother implementation of the F5 Networks Anti-Bot SDK to protect mobile apps.

IoT Security Spending Reaching $1.5 Billion This Year and Growing: Gartner

Providing security for IoT devices is getting expensive and will become costlier, according to a Gartner report released in March. IoT security spending will reach $1.5 billion in 2018, up from $1.2 billion in 2017, a 28 percent increase.

AWS Boosts Encryption for Amazon DynamoDB, its NoSQL Database Service

Amazon Web Services added encryption-at-rest to Amazon DynamoDB, increasing security options for its NoSQL cloud database service in the wake of publicized wide-open data stores found on the cloud platform.

New 'Virtual Patch' Targets Java, .NET Vulnerabilities

Waratek announced a new security tool for Java and .NET applications that uses virtualization to quickly apply patches for long-term and newly discovered vulnerabilities.

Oracle's First CPU of 2018: Smallest Since Last April, Except for Java

Oracle's first Quarterly Critical Patch Update of 2018 provided fixes for 237 vulnerabilities across its product lines, including patches for 21 security holes in the Java Platform Standard edition (Java SE), 18 of which are remotely exploitable without authentication.

Upcoming Events

AppTrends

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.