developers

Malware & Threats

Issued by: Security Week

Malvuln, an interesting project of security researcher John Page (aka hyp3rlinx), catalogues vulnerabilities discovered in malware and provides information on how those vulnerabilities can be exploited. Since launching the project in early January 2021, Page has discovered more than 260 vulnerabilities across an estimated 105 individual malware families, including trojans, worms, backdoors, droppers, and ransomware….

Application Security

Issued by: Dark Reading

Open-source software projects continue to struggle with handling sensitive information, according to automated scans of hundreds of millions of commits to code repositories. Software-security toolmaker DeepCode found that four of the seven vulnerabilities classes with the greatest impact on the security of software projects had to do with failures to protect data. The categories of…

Malware & Threats

Issued by: CIO Security

Malicious uploads allowed hijacking of WhatsApp and Telegram accounts

A vulnerability patched in the web-based versions of encrypted communications services WhatsApp and Telegram would have allowed attackers to take over accounts by sending users malicious files masquerading as images or videos. The vulnerability was discovered last week by researchers from Check Point Software Technologies and was patched by the WhatsApp and Telegram developers after…

Network Security

Issued by: CSO

Google researchers help developers test cryptographic implementations

Security experts from Google have developed a test suite that allows developers to find weaknesses in their cryptographic libraries and implementations. The company’s Project Wycheproof, which was released on GitHub, contains more than 80 test cases for widely used cryptographic algorithms, including RSA, AES-GCM, AES-EAX, Diffie-Hellman, Elliptic Curve Diffie-Hellman (ECDH), and the digital signature algorithm…