Tips for Securing the Software Supply Chain
“Software supply chain attacks are at the top of all CISOs’ minds,” says ReliaQuest CISO Jeff Music. Music attributes the popularity of software supply chain attacks to the fact that these attacks are relatively easy to conduct and have a significant payoff for the attacker. “This is especially the case if the vulnerable hardware or…
Will Cybersecurity Remain Recession-Proof in 2023?
We’ve recently seen substantial layoffs across the tech sector, to the tune of around 140,000 redundancies made by big names such as Amazon, Salesforce, Microsoft, and Tesla. As the recession bites, falling stock prices and further contraction in the market, together with merger and acquisition activity, are expected to force businesses to reduce head count…
U.S. Government, Tech Giants Discuss Open Source Software Security
The recent disclosure and exploitation of vulnerabilities affecting the widely used Log4j logging utility have once again highlighted the importance of open source security and software supply chain security. The goal of the White House summit was to identify ways to improve the security of open source software and effectively support the open source community….
Adobe Plugs Critical Photoshop Security Flaws
The flaws, rated critical, expose both Windows and MacOS users to code execution attacks, Adobe said in an advisory released Tuesday. The updates, available for Photoshop 2020 and Photoshop 2021, are being pushed via the software’s automatic updating mechanism. Adobe described the vulnerabilities as memory corruption issues with 7.8 CVSS scores. The company also shipped…
About 50% of Apps Are Accruing Unaddressed Vulnerabilities
The latest edition of Veracode’s annual “State of Software Security” study released this week shows that many enterprise organizations are at increased breach risk because of aging, unaddressed application security flaws. Veracode recently analyzed data from application security tests on more than 85,000 applications and found that, on average, companies fix just 56% of all…
What is application security? A process and tools for securing software
Application security is the process of making apps more secure by finding, fixing, and enhancing the security of apps. Much of this happens during the development phase, but it includes tools and methods to protect apps once they are deployed. This is becoming more important as hackers increasingly target applications with their attacks. Application security…
What’s Under Your Hood? Security & the Connected Car
Picture this: you’re driving your newly purchased, fully equipped, top-of-the-line automobile. You’ve just filled your tank, thanks to the crowd sourcing app GasBuddy, and you’re about to begin the commute to work. But first— coffee. Thanks to SYNC3, Ford’s latest infotainment system, you easily order by stating “Alexa, ask Starbucks to start my order.” Your…
Ubuntu 17.10 brings enhanced security and productivity for developers
Canonical released Ubuntu 17.10 featuring a new GNOME desktop on Wayland, and new versions of KDE, MATE and Budgie. On the cloud, 17.10 brings Kubernetes 1.8 for hyper-elastic container operations, and minimal base images for containers. Enhanced security and productivity for developers The Atom editor and Microsoft Visual Studio Code are emerging as the new wave of…
Shift your perspective on cybercrime to realize how well you’re doing
A report recently surfaced placing the global impact of cybercrime at a staggering $450B. Naturally, it pressed on the tender wound and supplied further evidence that we are woefully unprepared, globally, to tackle such a complex challenge. In 2016 “cybercrime cost the global economy over $450 billion, over 2 billion personal records were stolen and…
Google Expands Safe Browsing Protection on macOS
Google announced this week that it will expand Safe Browsing on macOS in an effort to protect Chrome users against unwanted ad injections and unauthorized settings changes. “Safe Browsing is broadening its protection of macOS devices, enabling safer browsing experiences by improving defenses against unwanted software and malware targeting macOS,” Google’s Kylie McRoberts and Ryan…