-
Several studies have linked the use of open source software and tutorials with the introduction of security vulnerabilities in production code, but a new one finds the same problem with online coding advice.
-
On Jan. 5 Coinbase detected a deep chain reorganization on the Ethereum Classic (ETC) blockchain, including a double spend.
-
By John K. Waters
Imperva has open sourced a new Java SDK designed to simplify interaction with Microsoft's Active Directory for small, medium and large development projects using LDAP.
-
Facing ever-more-sophisticated attack vectors, companies like Zimperium are infusing emerging AI technologies like machine learning into their mobile app defense solutions.
-
ActiveState published results of a survey conducted to examine challenges faced by developers who work with open source runtimes, revealing love for Python and security pain points.
-
By John K. Waters
The popular code repository and social coding platform recently acquired by Microsoft launched the feature last year, initially covering JavaScript and Ruby. Python coverage was added earlier this year.
-
Enterprise mobile and Web app development is riddled by security gaffes, according to a new report from WhiteHat Security, which is calling for a revamp of the development lifecycle.
-
A new study examined hundreds of popular Android apps for security vulnerabilities, finding that the improper use of open source software puts organizations and users at risk.
-
The company boosted the capabilities of its code obfuscation product and unveiled man-in-the-middle attack protection.
-
This CPU includes eight new Java SE patches, which is a 75 percent drop from a 30-month high set in July 2017.
-
Cloud developers still aren't securing their data stores, a new report claims, resulting in the exposure of private enterprise information stored in Firebase, Google's mobile back-end platform.
-
On Wednesday identity cloud security provider Okta Inc. announced the launch of API Products for One App, an API-based tool for authenticating single Web sites and applications.
-
Cloud hosting platform provider Jelastic has released a new version of Jelastic Shield, with which the company adds a number of security enhancements to its evolving PaaS/IaaS platform.
-
Mobile app integration specialist Appdome has entered a partnership to provide smoother implementation of the F5 Networks Anti-Bot SDK to protect mobile apps.
-
By John K. Waters
The annual RSA Conference gets under way next week in San Francisco, which means the Moscone Center will be packed with infosec mavens from "the frontlines of the cybersecurity landscape." (So cool.)
-
By Richard Seeley
Providing security for IoT devices is getting expensive and will become costlier, according to a Gartner report released in March. IoT security spending will reach $1.5 billion in 2018, up from $1.2 billion in 2017, a 28 percent increase.
-
Amazon Web Services added encryption-at-rest to Amazon DynamoDB, increasing security options for its NoSQL cloud database service in the wake of publicized wide-open data stores found on the cloud platform.
-
Waratek announced a new security tool for Java and .NET applications that uses virtualization to quickly apply patches for long-term and newly discovered vulnerabilities.
-
By John K. Waters
Oracle's first Quarterly Critical Patch Update of 2018 provided fixes for 237 vulnerabilities across its product lines, including patches for 21 security holes in the Java Platform Standard edition (Java SE), 18 of which are remotely exploitable without authentication.
-
By Richard Seeley
Dr. Ben Zorn, co-manager of Microsoft's Research in Software Engineering group, wonders if the smart fork you are using to eat your spaghetti could be hacked.
-
The latest report from security firm Check Point Software Technologies Ltd. identifies the top three mobile malware threats -- which all run on Android.
-
Google' Safe Browsing team has expanded the enforcement of the company's Unwanted Software Policy, promising to flag Android apps in Google Play that collect personal information about users without their consent.
-
By John K. Waters
A new report from application security vendor Veracode paints an unflattering picture of Java developers, finding 88 percent of Java applications contain at least one vulnerable component.
-
Amid increasing reports of cyberattacks and data breaches, open source security company Flexera has published the results of a study examining the risk of using vulnerable open source code in enterprise applications and systems.
-
By John K. Waters
More than 90 percent of the vulnerabilities can be exploited remotely without authentication; about 60 percent can allow attackers to perform remote denial-of-service attacks; and more than 72 percent of these vulnerabilities can be easily exploited, because their attack complexity is low.