programming
De-anonymizing code authors by analyzing executable binaries
A group of researchers that have previously proven that it’s possible to de-anonymize programmers by analysing the source code of programs they have created, have now …
86% of PHP-based apps contain at least one XSS vulnerability
Four out of five applications written in PHP, Classic ASP and ColdFusion that were assessed by Veracode failed at least one of the OWASP Top 10. Given the volume of PHP …
High-impact DoS flaw patched in Node.js, update as soon as possible
The Node.js Foundation has pushed out a patch for its eponymous open source, cross-platform runtime environment for developing server-side web applications. The fix plugs two …
Apple’s Swift programming language is now open source
Apple announced that its Swift programming language is now open source. Swift is a powerful and intuitive programming language that gives developers the freedom and …
Researchers get $100k for detecting emerging class of C++ bugs
Facebook has awarded $100,000 to a team of researchers from Georgia Tech for their discovery of a new method for identifying “bad-casting” vulnerabilities that …
79% of companies release apps with known vulnerabilities
The application development process is rampant with security risks due to current business pressures, according to new research released at Black Hat USA 2015 by Prevoty. From …
Commercial code is more compliant to security standards than open source code
A new report details the analysis of nearly 10 billion lines of source code through the Coverity Scan service and usage of the Synopsys Coverity Software Testing Platform.For …
One in 600 websites exposes sensitive info via easily accessible .git folder
Git is the most popular tool for software version control out there. Created by Linus Torvalds to facilitate Linux kernel development, Git is a boon for software developers as …
Researchers eliminate coding errors by using good code from “donor” apps
The main appeal of open source software is in the fact that its source code can be reviewed by anyone and, theoretically, stealthy backdoors and unintentional errors should be …
Why WinSCP became an open source classic
If you’re a Windows user and you’re connecting securely to remote machines, you’ve probably heard about WinSCP. This multi-functional open source tool has …
The enduring chasm between security teams and developers
The gap between application builders (developers and development organizations) and defenders (security and operations teams responsible for securing apps) is closing …
Do smart machines require ethical programming?
Realizing the potential of smart machines — and ensuring successful outcomes for the businesses that rely on them — will hinge on how trusted smart machines are and how well …