software development
Critical command execution vulnerability in iTerm2 patched, upgrade ASAP!
A critical vulnerability (CVE-2019-9535) in iTerm2, a macOS terminal emulator frequently used by developers and system administrators, could allow attackers to take control of …
Adopting DevOps practices leads to improved security posture
A strong DevOps culture based on collaboration and sharing across teams, leads to an improved security posture, according to Puppet. Twenty-two percent of the firms at the …
BotSlayer tool can detect coordinated disinformation campaigns in real time
A new tool in the fight against online disinformation has been launched, called BotSlayer, developed by the Indiana University’s Observatory on Social Media. The …
Backdoored Ruby gems stole credentials, injected cryptomining code
The compromise of several older versions of a popular Ruby software package (aka a Ruby “gem”) has led to the discovery of a more widespread effort to inject …
Protecting iOS and Android applications in a fully automated way
In this Help Net Security podcast recorded at Black Hat USA 2019, Dave Belt, Technology Evangelist at Irdeto, and Jaco du Plooy, VP Cloakware at Irdeto, discuss the current …
Securing modern web apps: A case for framework-aware SAST
If you were to write a web application entirely by yourself, it would be a rather daunting task. You would need to write the UI elements from lower-level APIs, set up and …
Malicious Python packages found on PyPI
Researchers have uncovered another batch of malicious Python libraries hosted on Python Package Index (PyPI). The malicious packages PyPI is the official third-party software …
To benefit from DevOps implementation, security and dev teams must communicate better
Despite the enterprise benefits assured by adopting a DevOps culture, the majority of IT leaders believe communication between IT security and software development must …
1 in 10 open source components downloaded in 2018 had a known security vulnerability
This year’s Sonatype report reveals the best practices exhibited by exemplary open source software projects and commercial application development teams. As in years past, it …
Researchers develop app to detect Twitter bots in any language
Thanks to fruitful collaboration between language scholars and machine learning specialists, a new application that can detect Twitter bots independent of the language used …
GitHub introduces Dependabot-powered automated security fixes
GitHub, the largest code-hosting site in the world, has announced many new features and changes at the 2019 GitHub Satellite conference that took place last week in Berlin. …
Researchers working on tools that aim to eliminate computer bugs
It’s bad enough losing an hour’s work when your computer crashes – but in settings like healthcare and aviation, software glitches can have far more serious consequences. In …
Featured news
Resources
Don't miss
- Mirai botnet behind the largest DDoS attack to date
- 48,000+ internet-facing Fortinet firewalls still open to attack
- Acronis CISO on why backup strategies fail and how to make them resilient
- Ransomware attackers are “vishing” organizations via Microsoft Teams
- Scam Yourself attacks: How social engineering is evolving