Topic: security

Analyst Watch: Don’t treat mobile developers as security experts

Ask any business leader if they’re OK relaxing their mobile security standards and they’ll quickly tell you it’s not an option. But as mobile apps transition from standalone experiences to integral parts of an overall physical/digital ecosystem, securing them becomes more complex and more dynamic—a job well beyond the duties of mobile app developers. Mobile … continue reading

Researchers discover emerging class of C++ bugs, Intel’s diversity report, and Android Experiments—SD Times news digest: Aug. 13, 2015

Researchers from Georgia Tech have discovered an emerging class of C++ bugs, and Facebook has awarded them US$100,000 for their efforts. The bugs are rooted in a new method for identifying “bad casting” vulnerabilities in C++ programs casted dynamically or statically at runtime. The researchers, who presented their findings at the USENIX Security ’15 conference, … continue reading

IBM discovers Android vulnerability, Windows 10 IoT core, and OpenSSH 7.0—SD Times news digest: Aug. 11, 2015

Researchers from IBM’s X-Fore Application Security team have discovered a new serialization vulnerability that affect more than 55% of Android phones. According to the researchers, the vulnerability could allow attacks to perform arbitrary code execution and gain access to a user’s device. The vulnerability is nestled within the Android platform, and it affects Android Jelly … continue reading

SD Times Blog: x86 exploit released

Your teams have taken a lot of time to ensure your super secret systems are super secret, right? Thanks to Black Hat 2015, all that work to prove a system is secure and reliable is going to have to be redone. Christopher Domas, security researcher at the Battelle Memorial Institute, metaphorically dropped the mic and … continue reading

Microsoft’s open-source iOS bridge for Windows 10, a Firefox exploit, and WebGLStudio.js—SD Times news digest: Aug. 7, 2015

Microsoft has released an early look at its open-source Windows 10 Bridge for iOS. Previously known as “Project Islandwood,” the bridge allows iOS developers to build and run apps on Windows. The version currently available to the open-source community is a work in progress, and Microsoft is encouraging feedback and code contributions before the final … continue reading

Industry Watch: Software industry M&A grows in the last year

Mergers and acquisitions in the first six months of this year grew by 3% over the last six months of last year, according to a new study by mid-market investment bank Berkery Noyes. That’s a positive sign that investment in the technology sector remains strong. In fact, beginning from the last six months of 2013, … continue reading

Android Developer Conference kicks off

Call it the digital sword of Damocles: Like some torturous situation out of an Edgar Allan Poe story, the entire world’s population of Android users is currently waiting with baited breath for Joshua Drake (Jduck) to release his claimed super exploit for Android. The famous security researcher claims his exploit can take advantage of 95% … continue reading

SD Times Blog: Batten down the patches

It’s that time of year again: Black Hat and Defcon are upon us! That means your systems are all in danger, and your applications should be afraid. Not only will there be (and has already been) an endless stream of new exploits dropped at the shows, but the weekend of Defcon is, effectively, open season … continue reading

Samsung’s JerryScript IoT engine, Intel’s Cloud for All initiative, and Microsoft buys Adallom—SD Times news digest: July 27, 2015

Samsung open-source JavaScript Internet of Things engine Samsung has open-sourced JerryScript, a JavaScript engine for the Internet of Things. JerryScript is designed to run on microcontrollers and other Internet of Things devices with constrained RAM and ROM space. The engine supports on-device code compilation and execution, and provides access to peripherals from JavaScript. The project … continue reading

Honda’s 2016 Accord with Android Auto and Apple CarPlay, and earnings reports from Amazon and CA—SD Times news digest: July 24, 2015

Honda has unveiled its 2016 Accord featuring both Android Auto and Apple CarPlay interface functionality. Honda becomes the first auto manufacturer to roll out a connected vehicle supporting both Apple and Google’s automotive operating systems synced with an Android or iOS device. Android Auto offers 2016 Accord drivers features such as Google Maps, Google Now, … continue reading

Google’s Top 5 online security practices from experts and users

Google security researchers say “non-expert” Web users overlook software updates—the “seatbelts of online security” as a best practice, along with other misconceptions about safe Web habits. Google researchers have published the results of two surveys, one with 231 security experts and another with 294 Web users, asking respondents what practices they took to keep their … continue reading

SD Times GitHub Project of the Week: SIMP

The NSA is getting into open source with the System Integrity Management Platform (SIMP), a cybersecurity tool for the masses. From the National Security Agency, the governmental organization that brought you PRISM and the arsenal of surveillance tools leaked in the Snowden files comes SIMP, a Linux framework designed to provide a combination of security … continue reading

DMCA.com Protection Status