Topic: security

UMN security researchers apologize to the Linux community

The University of Minnesota’s Computer Science and Engineering Department security researchers are facing intense scrutiny from the Linux community for intentionally trying to insert bugs into Linux patches. The buggy patches were a part of the research paper “On the Feasibility of Stealthily Introducing Vulnerabilities in Open Source Software via Hypocrite Commits.” The paper stated: … continue reading

SD Times news digest: Gremlin Automatic Service Discovery, WhiteHat Attack Surface Management, and Jamf’s same-day Apple OS support

Gremlin has added Automatic Service Discovery to its chaos engineering platform in an effort to help companies improve resilience and reduce downtime by identifying the various services running across distributed systems.  “The rise in popularity of microservices necessitate services functioning as first-class citizens. The infrastructure layer is becoming more abstract and engineers are increasingly thinking … continue reading

SD Times Open-Source Project of the Week: Teller

Teller is an open-source productivity secret manager that aims to help developers with cloud-native apps and multiple cloud providers. The tool was built by developer-first cybersecurity company Spectral as a way to tackle the “last mile problem” of securing sensitive access and preventing data leaks.  With Teller, developers never have to leave their terminal to … continue reading

SD Times news digest: Android 12 Developer Preview 3, ComponentOne 2021 v1, and WhiteSource acquires Diffend

Google has announced the third developer preview of its upcoming 12.0 release. The latest preview includes a new app launch experience, new video and camera capabilities and new permissions for exact alarms that help users save battery. Developers can use new splash screen APIs and resources to manage the splash screen window’s background color, replace … continue reading

Policy as code shifts compliance left

Automating policy enforcement is a key component of ensuring development teams are releasing secure applications in today’s fast-paced, cloud-native world. Many DevSecOps teams are achieving this by utilizing policy as code.  According to Tim Hinrichs, co-founder of Styra, policy as code provides a specific file format for policy that is readable by machines, which allows … continue reading

Industry Watch: Internet crime complaints rise

The warranty on your car is about to expire. Press 1 to purchase an extension. Someone has stolen your bank information. Click here to change your social security number. Your grandchild has been kidnapped. Send money to help us return the child safely. We get phishing emails like these literally all day long, and now … continue reading

Analyst View: Shift testing left, but bank right

I’ve spent most of my professional life convincing businesses to shift things left — shift-left testing for software, shift-left demand and supply forecasts for supply chains, shift-left analytics to understand future implications earlier than your competition. Hopefully that explains why it seems heretical for me to talk about shift-right testing at all. Will shift-right testing … continue reading

SD Times news digest: .NET 6 Preview 3, WhiteSource announces new funding for app security, and Canonical adds full enterprise support for Kubernetes 1.21

.NET 6 Preview 3 now available. The platform matrix of .NET 6 was significantly expanded as of the new preview with the addition of Android, iOS, Mac and Mac Catalyst for x64 and Apple Silicon and Windows Arm64.  The CollectionsMarshal.GetValueRef API was added to make updating struct values in Dictionaries faster and is intended for … continue reading

Mobile security lessons learned from mobile game cheats

Mobile games are often broken into so users can access premium content and paid features and obtain in-game currency. This is done by tampering with memory, bypassing payments and touchID screens, and downloading paid apps for free — and can be done on both jailbroken and non-jailbroken devices. In a recent webinar on SD Times, Jan … continue reading

BMC’s latest updates focus on modernizing mainframe app development and delivery

BMC, a provider of software solutions for the autonomous digital enterprise, announced new offerings and integrations with its BMC Automated Mainframe Intelligence (AMI) and BMC Compuware portfolios that focus on streamlining mainframe application development, increased uptime and faster threat detection.  The BMC Compuware ISPW solution for software change management enables developers to easily edit source … continue reading

SD Times news digest: Microsoft Teams’ new bug bounty program, FSF’s board statement on governance, and Open Source Initiative’s election hacked and remediation

Microsoft announced bug bounty awards for Teams desktop client security research under the new Microsoft Applications Bug Bounty Program.  The program includes five scenario-based awards for vulnerabilities that have the highest potential impact on customer privacy and security and also general bounty awards for other valid reports for the Teams desktop client that don’t qualify … continue reading

LeanIX adds microservice intelligence and Cleanshelf to its portfolio

The enterprise architecture and cloud governance company LeanIX made new SaaS management and microservices updates to its portfolio this week. The company announced it has acquired Cleanshelf, a SaaS management provider; and added Microservice Intelligence to its Continuous Transformation Platform.  Cleanshelf’s software provides an automated view of all SaaS applications in an enterprise, simplifies management … continue reading