software
Why banks should incorporate software bill of materials (SBOM) into their third-party risk programs
In the face of rising cybersecurity threats, the Biden administration issued an executive order in May 2021 calling for improvements in the supply chain. Among the recommended …
The Linux Foundation’s Census of OSS app libraries helps prioritize security work
The Linux Foundation announced the final release of “Census II of Free and Open Source Software – Application Libraries,” which identifies more than one thousand of the …
Attackers used Dridex to deliver Entropy ransomware, code resemblance uncovered
Sophos released a research that details code similarities in the general purpose Dridex botnet and the little-known ransomware, Entropy. The similarities are in the software …
Software supply chain security still a pain point
ActiveState announced the results of its survey, providing insights into the security challenges of the software industry’s open source supply chain, which includes the …
Tackling supply chain security head-on
Threats against supply chains are growing and the reality is that the size, cost, and sophistication of these threats make it difficult for anyone organization to control or …
Supply chain shortages create a cybersecurity nightmare
The White House has recently issued alerts noting that many manufacturers suffer from disrupted supply chains, and rebuilding supply chains is a major priority. Some analysts …
Kali Linux 2022.1 released: New tools, kali-linux-everything, visual changes
Offensive Security has released Kali Linux 2022.1, the latest version of its popular open source penetration testing platform. Visually refreshed and with improved usability …
The importance of implementing security scanning in the software development lifecycle
Veracode published a research that finds most applications are now scanned around three times a week, compared to just two or three times a year a decade ago. This represents …
78% of organizations expect to produce or consume SBOMs in 2022
The Linux Foundation announced the availability of the first in a series of research projects to understand the challenges and opportunities for securing software supply …
Preventing software security vulnerabilities with automation
A team of UTSA researchers is exploring how a new automated approach could prevent software security vulnerabilities. The team sought to develop a deep learning model that …
How threat actors are using npm to launch attacks
WhiteSource released a threat report based on malicious activity found in npm, the most popular JavaScript package manager used by developers worldwide. The report is based on …
Product showcase: Cybellum’s Product Security Lifecycle Platform
Automotive, medical device and industrial equipment manufacturers are building critical devices we all rely on – from the cars we use to commute, the equipment that …
Featured news
Resources
Don't miss
- Salesforce Gainsight compromise: Early findings and customer guidance
- Research shows identity document checks are missing key signals
- How one quick AI check can leak your company’s secrets
- Salesforce investigates new incident echoing Salesloft Drift compromise
- Security gap in Perplexity’s Comet browser exposed users to system-level attacks