Please turn on your JavaScript for this page to function normally.
open source
Open source security: The risk issue is unpatched software, not open source use

Many of the trends in open source use that have presented risk management challenges to organizations in previous years persist today. However, new data also suggest that an …

Framing supply chain attacks

The increase in the demand for innovative software has effectively reshaped the software development industry itself. Today, speed and agility are paramount and development …

Apache
Patched Apache flaw is a serious threat for web hosting providers

Organizations running Apache web servers are urged to implement the latest security update to fix a serious privilege escalation flaw (CVE-2019-0211) that can be triggered via …

Hands
Meet the new generation of white hats

The past two years have seen an explosion in the number of software vulnerabilities being published, jumping from 6,447 in 2016 to 14,714 in 2017. Seeing as 2018 beat out the …

NSA unveils Ghidra reverse engineering tool at RSA Conference 2019

The National Security Agency (NSA) has released Ghidra, a free and cross-platform software reverse engineering tool suite used internally by the intelligence agency. They are …

patch
OSSPatcher: Automated mobile application patching for bugs in open source libraries

Researchers from the Georgia Tech and Peking University are working on OSSPatcher, a system for automatic patching of vulnerable open source libraries included in mobile …

NGINX
Building security into cloud native apps with NGINX

Companies like Airbnb, Uber and DoorDash, which have a cloud-based software infrastructure as one of their main enablers, are disrupting the hospitality, transportation and …

LibreOffice
Malicious macros can trigger RCE in LibreOffice, OpenOffice

Achieving remote code execution on systems running LibreOffice or Apache OpenOffice might be as easy as tricking users into opening a malicious ODT (OpenDocument) file and …

data
Companies getting serious about AI and analytics, 58% are evaluating data science platforms

New O’Reilly research found that 58 percent of today’s companies are either building or evaluating data science platforms – which are essential for companies that are …

bug bounties
EU launches bug bounties on free and open source software

After setting up a bug bounty program for VLC Media Player in late 2017, the European Commission (EC) has announced the launch of 14 new ones that will cover other free and …

Critical Kubernetes privilege escalation flaw patched, update ASAP!

A critical privilege escalation vulnerability affecting the popular open source cluster management and container orchestration software Kubernetes has been patched on Monday. …

Blocks
For recent big data software vulnerabilities, botnets and coin mining are just the beginning

The phrase “with great power comes great responsibility” was excellent advice when Ben Parker said it to his nephew Peter, aka Spiderman. It is even more …

Don't miss

Cybersecurity news