Topic: security

OpenSSL issues nine software fixes for encryption scheme

The popular OpenSSL encryption scheme underlying much of the Web’s security protocols is finally turning a corner. With Heartbleed now well behind it, the open-source SSL/TLS security protocol released a project road map laying out its short- and long-term goals, and it has issued nine security fixes to the encryption scheme. In a Security Advisory, … continue reading

From the Editors: Be the secure manager

It’s a mess out there. OpenSSL was compromised. The U.S. government is in your database. Cats and dogs living together; mass hysteria! But there is a solution. You, as a software development manager, hold the keys to making sure your software is secure. You hold the keys to making sure your infrastructure is secure. You … continue reading

The secure software development life cycle

Even with all we know about cross-site scripting and SQL injections, these attacks on servers remain pervasive. Part of that is due to the fact that security technology (firewalls, signatures, past definitions) was not focused on these types of attacks. Another part is that developers have not embraced security as something that is their concern. … continue reading

Security is front and center for developers

When it was announced on June 8 that OpenSSL was vulnerable to a dangerous new attack that could reveal security certificates to an attacker, the Internet spent a few days in panic mode. Thousands, if not millions, of sites used (and still use) OpenSSL, and the fix for the problem took a few days to … continue reading

SD Times news digest: July 28, 2014—Samsung Z Tizen phone delays, HiVE encryption, a wearable programming toy, and EMMS 4.0

Samsung indefinitely postpones launch of Tizen-powered Samsung Z It’ll be a bit longer before we see a Samsung phone running Tizen OS. Samsung announced it is delaying sales of the Samsung Z smartphone, the company’s first device running Tizen, the rival mobile platform to Android and iOS. Samsung canceled a developer conference in Russia where … continue reading

Five reasons you need to be thinking about logs

Logs were previously the last-resort debugging tool that a developer or Ops pro turned to when a serious issue arose. They were seen as complex data streams that only the most sophisticated and knowledgeable of engineers could understand. However, today, thanks to log-management innovations like real-time analysis, parsing and event visualizations, logs are now used … continue reading

Microsoft reveals ‘trio of threats’ infecting Windows devices with malware

Microsoft Security Intelligence Report shows prevalence of deceptive download malware in 2013 … continue reading

SD Times Blog: It’s World Password Day

Today marks a public service announcement to remind Internet users to protect their online identity … continue reading

What the White House has to say about Big Data

John Podesta’s group finds Big Data is very beneficial but can also lead to discrimination and privacy breaches … continue reading

From the Editors: ‘Because we can’ isn’t good enough

Google Glass software that allows users to detect surveillance cameras takes the technology in an unpleasant direction … continue reading

SD Times Blog: New zero-day bug affects every version of Internet Explorer

Microsoft is working to fix a remote code execution vulnerability in Internet Explorer versions 6 through 11 … continue reading

Zeichick’s Take: Trust, maybe verify, maybe not

For smaller companies, they must use code that they can’t verify themselves, leading to risky situations … continue reading

DMCA.com Protection Status