Dennis Fisher talks with Gary McGraw of Cigital about the IEEE’s new Center for Secure Design program, the difficulty of defeating large classes of bugs and the collaborative effort it will take to solve the software security problem.
Browsing Category: Vulnerabilities
A new watering hole attack is targeting the aerospace, automotive and manufacturing industries with a new reconnaissance malware tool called “Scanbox.”
A researcher discovered an issue with the random generation of WPS keys in a number of unnamed routers that could allow an attacker to guess the key in one try.
The IEEE’s Center for Secure Design’s new guidance for software architects called “Avoiding the Top 10 Software Security Design Flaws” debuted this week.
The 2014 IBM X-Force Threat Intelligence Quarterly takes a look back at Heartbleed and how organizations were affected by it.
Netflix engineers released two new application security tools to open source this week, a continuing effort from the streaming services company.
Google has fixed 50 security vulnerabilities in its Chrome browser, including a critical string of bugs that can allow an attacker to execute arbitrary code outside of the browser’s sandbox. This is one of the larger batches of fixes that Google has produced for Chrome recently. The company releases frequent updates for the browser and often[...]
Researchers have discovered a weakness in Android that is likely present in other leading operating systems that can be abused and lead to information leakage.
The developers behind Akeeba fixed an outstanding issue this week that could have let anyone download users’ site backups, passwords and user lists.
Tor Executive Director Andrew Lewman told the BBC that intelligence agency insiders share bug information with Tor developers under their bosses’ noses.