The Common Weakness Enumeration (CWE) has released its 2020 “Top 25 Most Dangerous Software Weakness” report, which found improper neutralization of input during web page generation, also known as cross-site scripting (XSS), and out-of-bounds write, where the most dangerous weakness. With cross-site scripting, software does not neutralize or incorrectly neutralizes user-controllable input before it is … continue reading
Microsoft is applying machine learning and deep neural networks to its software security approach. The company announced a new research project, neural fuzzing, designed to augment traditional fuzzing techniques, discover vulnerabilities, and learn from past software experiences. The research is based on Microsoft’s Security Risk Detection tool that incorporates artificial intelligence to find and detect … continue reading
For anyone out there still using Adobe’s Flash Player, the company has just announced a significant security update. According to an Adobe security bulletin, the patch addresses “critical vulnerabilities that could potentially allow an attacker to take control of the affected system.” In total, the company found 23 security loopholes, as well as reports of … continue reading
Google wants students to go beyond an Hour of Code. The company has announced the Google Code-in competition, a seven-week competition where students work on real software projects and get help from mentors. Students can browse from hundreds of tasks from 14 open-source organizations ranging from healthcare, desktop and portable computing, to game development, and … continue reading
Smartwatch users might want to think twice about the information they plug into their wearable device, as a recent study from HP revealed a majority of these technologies have serious security flaws. “Smartwatches have only just started to become a part of our lives, but they deliver a new level of functionality that could potentially … continue reading