software development Archives - Help Net Security

software development

Critical command execution vulnerability in iTerm2 patched, upgrade ASAP!

October 10, 2019

A critical vulnerability (CVE-2019-9535) in iTerm2, a macOS terminal emulator frequently used by developers and system administrators, could allow attackers to take control of …

Adopting DevOps practices leads to improved security posture

September 26, 2019

A strong DevOps culture based on collaboration and sharing across teams, leads to an improved security posture, according to Puppet. Twenty-two percent of the firms at the …

BotSlayer tool can detect coordinated disinformation campaigns in real time

September 17, 2019

A new tool in the fight against online disinformation has been launched, called BotSlayer, developed by the Indiana University’s Observatory on Social Media. The …

Backdoored Ruby gems stole credentials, injected cryptomining code

August 21, 2019

The compromise of several older versions of a popular Ruby software package (aka a Ruby “gem”) has led to the discovery of a more widespread effort to inject …

Protecting iOS and Android applications in a fully automated way

August 20, 2019

In this Help Net Security podcast recorded at Black Hat USA 2019, Dave Belt, Technology Evangelist at Irdeto, and Jaco du Plooy, VP Cloakware at Irdeto, discuss the current …

Securing modern web apps: A case for framework-aware SAST

July 22, 2019

If you were to write a web application entirely by yourself, it would be a rather daunting task. You would need to write the UI elements from lower-level APIs, set up and …

Malicious Python packages found on PyPI

July 18, 2019

Researchers have uncovered another batch of malicious Python libraries hosted on Python Package Index (PyPI). The malicious packages PyPI is the official third-party software …

To benefit from DevOps implementation, security and dev teams must communicate better

July 3, 2019

Despite the enterprise benefits assured by adopting a DevOps culture, the majority of IT leaders believe communication between IT security and software development must …

1 in 10 open source components downloaded in 2018 had a known security vulnerability

June 26, 2019

This year’s Sonatype report reveals the best practices exhibited by exemplary open source software projects and commercial application development teams. As in years past, it …

Researchers develop app to detect Twitter bots in any language

June 18, 2019

Thanks to fruitful collaboration between language scholars and machine learning specialists, a new application that can detect Twitter bots independent of the language used …

GitHub introduces Dependabot-powered automated security fixes

May 28, 2019

GitHub, the largest code-hosting site in the world, has announced many new features and changes at the 2019 GitHub Satellite conference that took place last week in Berlin. …

Researchers working on tools that aim to eliminate computer bugs

May 6, 2019

It’s bad enough losing an hour’s work when your computer crashes – but in settings like healthcare and aviation, software glitches can have far more serious consequences. In …