software development
Researchers develop data exchange approach with blockchain-based security features
An IT startup has developed a novel blockchain-based approach for secure linking of databases, called ChainifyDB. “Our software resembles keyhole surgery. With a barely …
What is driving the machine identity crisis?
Every machine needs a unique identity in order to authenticate itself and communicate securely with other machines. This requirement is radically changing the definition of …
Developers worry about security, still half of teams lack an expert
While nearly 75% of developers worry about the security of their applications and 85% rank security as very important in the coding and development process, nearly half of …
Create secure IoT products: Enable security by design
Good practices for IoT security, with a particular focus on software development guidelines for secure IoT products and services throughout their lifetime have been introduced …
50% of apps will not be migrated to the cloud
66% of businesses face difficulty in integrating and managing apps across third-party environments, while IT leaders also claim that over the next three years 50% of …
Critical command execution vulnerability in iTerm2 patched, upgrade ASAP!
A critical vulnerability (CVE-2019-9535) in iTerm2, a macOS terminal emulator frequently used by developers and system administrators, could allow attackers to take control of …
Adopting DevOps practices leads to improved security posture
A strong DevOps culture based on collaboration and sharing across teams, leads to an improved security posture, according to Puppet. Twenty-two percent of the firms at the …
BotSlayer tool can detect coordinated disinformation campaigns in real time
A new tool in the fight against online disinformation has been launched, called BotSlayer, developed by the Indiana University’s Observatory on Social Media. The …
Backdoored Ruby gems stole credentials, injected cryptomining code
The compromise of several older versions of a popular Ruby software package (aka a Ruby “gem”) has led to the discovery of a more widespread effort to inject …
Protecting iOS and Android applications in a fully automated way
In this Help Net Security podcast recorded at Black Hat USA 2019, Dave Belt, Technology Evangelist at Irdeto, and Jaco du Plooy, VP Cloakware at Irdeto, discuss the current …
Securing modern web apps: A case for framework-aware SAST
If you were to write a web application entirely by yourself, it would be a rather daunting task. You would need to write the UI elements from lower-level APIs, set up and …
Malicious Python packages found on PyPI
Researchers have uncovered another batch of malicious Python libraries hosted on Python Package Index (PyPI). The malicious packages PyPI is the official third-party software …