Software and security have been getting better, but computer software is still at risk of being compromised by physical access. A new class of security devices is on its way to protect data and control critical information, and with only three days to go on Kickstarter, the team behind it hopes they can build a … continue reading
As companies try to take the best security measures, CoreOS, a company that manages and secures containers, tries to help them out. CoreOS yesterday announced Tectonic with Distributed Trusted Computing. Tectonic is a Kubernetes solution for deploying, managing and securing containers. With Distributed Trusted Computing, it validates everything from the distributed application layer, the container, … continue reading
Microsoft researchers say they are making advancements in computer vision, deep learning, and understanding images. The company, along with colleagues from Carnegie Mellon University, has developed a new system that analyzes images and interprets it as a human would. “The ability to answer questions is critical to developing artificial intelligence tools, and this breakthrough could … continue reading
The quintessential open-source network mapper, Nmap, was updated to version 7 yesterday. This version includes mature IPv6 support and expanded capabilities for its scripting engine. The biggest draw for security-wary developers and admins alike, however, may be the top-shelf SSL/TLS scanning. With SSL and TLS vulnerable to so many different attacks discovered over the past … continue reading
Docker continues to release additions to its software and infrastructure. On Nov. 16, the company announced new security enhancements that safeguard and protect Dockerized distributed applications—without impacting the developer’s workflow. Unveiled during the company’s keynote address at DockerCon EU, the security enhancements—built on top of the Docker Content Trust Framework—are around hardware signing of container … continue reading
The Internet of Things is all around us, and every day we’re soaking it in. It is giving the Internet senses for the first time, which will drive us to the future of business technology. Sensors are a huge part of the Internet of Things—and soon a big part of the Internet as a whole. … continue reading
Security firm SourceDNA has revealed a number of iOS apps that are violating Apple’s App Store policy that use private APIs to obtain a user’s private data. The apps all had one thing in common: They used the Youmi advertising SDK from China. “We found 256 apps (est. total of 1 million downloads) that have … continue reading
Illumio has announced new partnerships with Docker and Mesosphere to provide its adaptive security tooling to container users. The Illumio Adaptive Security Platform brings security controls and monitoring into the development process, to be managed as part of the software development life cycle. Alan Cohen, chief commercial officer of Illumio, said that his company’s platform … continue reading
Microsoft announced several new products that cover containers, security and Internet of Things. Those products, announced at AzureCon, will be applicable to Microsoft’s Azure product line. “We live in a connected world, and the intelligent cloud is powering it all,” said Scott Guthrie, executive vice president of Microsoft’s Cloud and Enterprise Division. “As data and … continue reading
Man-in-the-middle attacks are nothing new. But when that man-in-the-middle attack includes cookie injections, things get messy. Security researcher Xiaofeng Zheng published a PDF describing the methods used to make such an attack work in August. In the PDF, Zheng detailed the lack of security around cookies. “The same-origin policy is a corner stone of Web … continue reading
Apple has removed a bevy of malicious applications from its iTunes App Store today. While there is no official word on how many applications were removed, according to Reuters, Chinese security firm Qihoo 360 Technology wrote on its blog that it has detected 344 tainted apps in the App Store. These apps were all infected … continue reading
Continuing its commitment to cloud security, Microsoft today announced it has acquired Adallom, which specializes in identity and access management. According to a Microsoft blog post by Takeshi Numoto, Microsoft corporate vice president of cloud and enterprise marketing, Adallom provides a cloud access security broker that gives visibility and control over access to data. (Related: … continue reading
