Developers worry about security, still half of teams lack an expert
While nearly 75% of developers worry about the security of their applications and 85% rank security as very important in the coding and development process, nearly half of …
software development
Create secure IoT products: Enable security by design
Good practices for IoT security, with a particular focus on software development guidelines for secure IoT products and services throughout their lifetime have been introduced …
50% of apps will not be migrated to the cloud
66% of businesses face difficulty in integrating and managing apps across third-party environments, while IT leaders also claim that over the next three years 50% of …
Critical command execution vulnerability in iTerm2 patched, upgrade ASAP!
A critical vulnerability (CVE-2019-9535) in iTerm2, a macOS terminal emulator frequently used by developers and system administrators, could allow attackers to take control of …
Adopting DevOps practices leads to improved security posture
A strong DevOps culture based on collaboration and sharing across teams, leads to an improved security posture, according to Puppet. Twenty-two percent of the firms at the …
BotSlayer tool can detect coordinated disinformation campaigns in real time
A new tool in the fight against online disinformation has been launched, called BotSlayer, developed by the Indiana University’s Observatory on Social Media. The …
Backdoored Ruby gems stole credentials, injected cryptomining code
The compromise of several older versions of a popular Ruby software package (aka a Ruby “gem”) has led to the discovery of a more widespread effort to inject …
Protecting iOS and Android applications in a fully automated way
In this Help Net Security podcast recorded at Black Hat USA 2019, Dave Belt, Technology Evangelist at Irdeto, and Jaco du Plooy, VP Cloakware at Irdeto, discuss the current …
Securing modern web apps: A case for framework-aware SAST
If you were to write a web application entirely by yourself, it would be a rather daunting task. You would need to write the UI elements from lower-level APIs, set up and …
Malicious Python packages found on PyPI
Researchers have uncovered another batch of malicious Python libraries hosted on Python Package Index (PyPI). The malicious packages PyPI is the official third-party software …
To benefit from DevOps implementation, security and dev teams must communicate better
Despite the enterprise benefits assured by adopting a DevOps culture, the majority of IT leaders believe communication between IT security and software development must …
1 in 10 open source components downloaded in 2018 had a known security vulnerability
This year’s Sonatype report reveals the best practices exhibited by exemplary open source software projects and commercial application development teams. As in years past, it …
