Black Duck audit highlights risk of open-source security vulnerabilities

Black Duck, a company that serves up information about the latest security vulnerabilities on open source components, released its 2017 Open Source Security and Risk Analysis (OSSRA) today. The OSSRA revealed significant risks related to open-source vulnerabilities and license-compliance challenges, as well as high levels of risk in the retail and ecommerce industry. According to … continue reading

man on a computer

Free learning resources and tools for security savvy developers

Developers will never be responsible for all of security in an organization, but if they keep up with best practices, resources, and find new ways to secure and deliver good code, they could play a key role in developing resilient software. Today, most firms have a software security group (or SSG) or a product security … continue reading

Senate lawmaker asks FTC for answers on recent children’s IoT breaches

Recent data breaches involving children’s Internet-connected toys pushed U.S. Sen. Bill Nelson to write a letter to the Federal Trade Commission (FTC), detailing what steps it’s taken to protect the personal data of the children using such toys. This isn’t the first letter Nelson, a Democrat from Florida, has written in response to security breaches. … continue reading

Apple iOS 10.3: APFS implementation, developer improvements, and security updates

Apple has announced iOS 10.3 with the highly requested “Find my AirPods” feature, new Apple File System (APFS) implementation, and a number of developer improvements. Other enhancements include bug fixes and touch ID authentication for its Numbers, Pages, and Keynote productivity apps. The latest version of the mobile operating system went through seven beta versions … continue reading

Security Playbook 2017: How to improve practices this year

From LinkedIn to Yahoo, companies fell into the hands of hackers and identity thieves in 2016. Each year, companies seem to make the same security resolutions, only to face roadblocks like skill shortages, time constraints and budget issues, which prevent them from implementing good security practices. Experts recommended companies consider the following trends and predictions … continue reading

How to keep kids safe from unsecure IoT devices and toys

The world of Internet-connected devices targeted at children is a magical one. Toy dinosaurs can learn and communicate with a growing child, teddy bears can transmit messages overseas to military parents, and talking dolls can communicate with children via speech recognition software. But this connectedness comes with a price. Recent hacks on IoT toys are … continue reading

Report: Organizations embracing DevSecOps automation

The DevOps community is struggling with bringing security into the organization and across the software development life cycle (SDLC). However, new research from Sonatype reveals that while companies continue to face breaches, mature development organizations finally realize how critical it is to weave automated security early in the SDLC. Sonatype, a software automation and security … continue reading

Google introduces invisible reCAPTCHA, beta launch of Cloud Functions for Firebase, and Kaggle joins Google Cloud—SD Times news digest: March 10, 2017

Google is taking reCAPTCHA one step further by making it invisible. Now, human users will be let through without seeing the “I’m not a robot” checkbox, and bot and suspicious users will have to solve challenges that use Google’s risk analysis algorithms. The advantage of reCAPTCHA is its enhanced security, according to Google. It’s a … continue reading

Google’s Grumpy, FTC launches IoT challenge, and Apteligent open-sources its Xamarin SDK—SD Times news digest: Jan. 5, 2017

Google has put work into running its millions of lines of Python code, and those efforts have now turned into Grumpy: a new experimental Python runtime for Go. Grumpy translates Python code into Go programs, and it supports Google’s Python codebase. It is meant to be a drop-in replacement runtime for pure Python projects, according … continue reading

Yahoo discloses new breach; 1 billion users affected

Yahoo has been hacked, again. The company Wednesday disclosed that a newly discovered data breach had exposed the private information of more than one billion Yahoo users. It is believed that this breach is separate from the breach disclosed this September, where 500 million accounts were jeopardized. Regardless, the news means Yahoo has been the … continue reading

SecurityScorecard report: Top retailers have major security issues this year

It’s the holiday season, and retailers are watching their online sales climb. Business may be booming for these companies, but shoppers beware: 100% of these retailers have issues with domain security, according to SecurityScorecard’s “2016 Biggest Holiday Retailers Cybersecurity Report.” When it comes to cybersecurity, retailers have a lot to worry about, especially since these … continue reading

Report looks into Android device customization, Kony Mobility Platform, and Google makes exploring AI easy—SD Times news digest: Nov. 16, 2016

The Application Developers Alliance has conducted a story on Android device customization and consumer choices, and they found that apps tend not to be exclusively used, and almost all Android users customize their phone and their home screen. The report also found that most Android users prefer their new devices to come with apps “ready … continue reading

Next Page »
HTML Snippets Powered By : XYZScripts.com