programming
Trojan Source bugs may lead to extensive supply-chain attacks on source code
Cambridge University researchers have detailed a new way targeted vulnerabilities can be introduced into source code while making them invisible to human code reviewers, …
What is wrong with developer security training?
“Turn a developer into a hacker” is a commonly heard call. There are many online courses and trainings that ostensibly teach developers how to write code that’s …
Data teams are discovering the benefits of automation and flexible coding
Ascend.io announced results from its research study about the work capacity and priorities of data teams, including data analysts, data scientists, data engineers, and …
The basics of security code review
With staffing ratios often more than 200 developers for every AppSec professional, scaling security requires increasing the developer’s engagement in securing the product. To …
Hiring remote software developers: How to spot the cheaters
For the past year, moving to an all-remote workforce has often been positioned as a silver lining to the pandemic. Software engineers, in particular, reported a better …
Digital business requires a security-first mindset
Security is an undeniable necessity for the survival and success of any company. COVID-19 accelerated digital transformation initiatives across all industries and this shift …
SQL injection: The bug that seemingly can’t be squashed
If you’re in a hands-on cybersecurity role that requires some familiarity with code, chances are good that you’ve had to think about SQL injection over and over (and over) …
Researchers develop tool that automates device programming in the IoT
The Internet of Things (IoT) has ushered in a new era, with everyday items evolving into what we now refer to as cyber-physical systems. These systems are physical mechanisms …
ControlFlag: Machine programming research tool detects bugs in code
Intel unveiled ControlFlag – a machine programming research system that can autonomously detect errors in code. Even in its infancy, this self-supervised system shows promise …
In the era of AI, standards are falling behind
According to a recent study, only a minority of software developers are actually working in a software development company. This means that nowadays literally every company …
New AI algorithm to detect cryptocurrency miners as they steal power
Computer scientists have developed a new artificial intelligence (AI) system that may be able to identify malicious codes that hijack supercomputers to mine for cryptocurrency …
Security analysis of legacy programming environments reveals critical flaws
New research from Trend Micro highlights design flaws in legacy languages and released new secure coding guidelines. These are designed to help Industry 4.0 developers greatly …
Featured news
Resources
Don't miss
- Mastering the cybersecurity tightrope of protection, detection, and response
- PRevent: Open-source tool to detect malicious code in pull requests
- Darcula allows tech-illiterate crooks to create, deploy DIY phishing kits targeting any brand
- Hackers pose as employers to steal crypto, login credentials
- Unknown and unsecured: The risks of poor asset visibility