This year’s Sonatype report reveals the best practices exhibited by exemplary open source software projects and commercial application development teams. As in years past, it also examines the rapidly expanding supply and continued exponential growth in consumption of open source components. For the fifth anniversary report, Sonatype collaborated with Gene Kim from IT Revolution, and…

Organizations are becoming increasingly dependent on open source libraries (OSLs) to develop code for software and websites. However, Jing Xie, senior threat intelligence researcher for Venafi, warns that the growing reliance on OSLs for software development leaves many companies vulnerable to trust-based attacks. Cybercriminals use trust attacks to maliciously manipulate and insert code into open…

Organizations could face big problems from seemingly small Web application vulnerabilities. The problem is, many of these bugs fly under the radar because they’re not considered severe. Shandon Lewis, senior Web application penetration tester at Backward Logic, discussed a few of these bugs in his presentation “Vulnerabilities in Web Applications That Are Often Overlooked” at…

For better or for worse, mainstream media is increasingly covering particularly dangerous, widespread or otherwise notable security vulnerabilities. The growing coverage has made more people aware of the risks and of the need to keep their various devices (software) up-to-date and, with the increased digitization of our everyday lives, I would say that’s a definitive…

A Commerce Department filing said the delay does not change the ban imposed by President Donald Trump on national security grounds, an action with major implications for US and Chinese technology firms. Instead, it grants a temporary license that will allow Huawei to continue doing business with American firms. “The Temporary General License grants operators…

Today’s technology landscape demands that companies determine how to manage and secure data in a connected ecosystem, as well as embrace it to create competitive advantages. The key concerns for IT decision-makers in this environment are cybersecurity, the ability to upgrade infrastructure and optimizing IT operations, according to the 2019 Insight Intelligent Technology Index, an…

The digitization of healthcare is changing the face of fraud. With the growth of electronic health records (EHRs), online patient portals and virtual clinics, a wealth of sensitive medical information is available across multiple digital channels and while hackers and cybercriminals pose a massive risk to this information, it’s not just “outside” fraudsters that are…

There’s a stunning lack of consumer trust in the ability of private and public sector organizations to protect their data, as well as sharply conflicting views between businesses and consumers regarding transparency in data collection and use, a Privitar research reveals. In the 2019 Privitar Privacy Pulse, released at the International Association of Privacy Professionals…

65% of consumers are concerned with the way connected devices collect data. More than half (55%) do not trust their connected devices to protect their privacy and a similar proportion (53%) do not trust connected devices to handle their information responsibly, according to a survey by IPSOS Mori on behalf of the Internet Society and…