Please turn on your JavaScript for this page to function normally.
Stack Overflow
Secure coding in Java: Bad online advice and confusing APIs

For programmers and software developers, the Internet forums provide a great place to exchange knowledge and seek answers to concrete coding conundrums. Alas, they are not …

LabVIEW
Cisco unveils LabVIEW code execution flaw that won’t be patched

LabVIEW, the widely used system design and development platform developed by National Instruments, sports a memory corruption vulnerability that could lead to code execution. …

bomb
Another Ukrainian software maker’s site compromised to spread malware

The web server of Crystal Finance Millennium, a Ukraine-based accounting software firm, has been compromised and made to host different types of malware. The discovery of the …

fuzzing
Microsoft opens fuzz testing service to the wider public

Microsoft Security Risk Detection, a cloud-based fuzz testing service previously known under the name Project Springfield, is now open to all and sundry. Fuzz testing (i.e. …

GnuPG
GnuPG developers start new fundraising effort

Werner Koch and his team of GnuPG developers are asking for funding for the continued development of the popular free email and data encryption software. What is GnuPG, and …

architecture
Introducing security into software through APIs

Application programming interfaces (APIs) can make life easier for software developers, allowing them to concentrate on what they do best and preventing them from being forced …

cube
Software security assurance: Everybody’s invited

As more and more things in this world of ours run on software, software security assurance – i.e. confidence that software is free from vulnerabilities (either …

Android unlocked
How secure are mobile banking apps?

Do banking institutions have a good handle on the things they need to remediate and new control layers they need to adopt to keep users secure? To answer those questions, …

Dawnscanner
Scan Ruby-based apps for security issues with Dawnscanner

Dawnscanner is an open source static analysis scanner designed to review the security of web applications written in Ruby. Dawnscanner’s genesis Its developer, Paolo …

Project Springfield: Cloud-based fuzz testing for uncovering million-dollar bugs

This Moday Microsoft debuted Project Springfield, a cloud-based fuzz testing (aka fuzzing) service that the company has been working on for a quite a while. David Molnar and …

EFF
How the EFF was pushed to rethink its Secure Messaging Scorecard

As good as the idea behind Electronic Frontier Foundation’s Secure Messaging Scorecard is, its initial version left much to be desired. The idea was to provide a …

face
Intel Crosswalk bug invalidates SSL protection

A bug in the Intel Crosswalk Project library for cross-platform mobile development can open users to man-in-the-middle attacks, researchers from Nightwatch Cybersecurity have …

Don't miss

Cybersecurity news