The year would not be complete without a major security breach, and although there are a number to choose from throughout any given year, Marriott ended 2018 with a doozy. The company revealed at the end of November that there had been unauthorized access to its Starwood reservation database for more than four years. This … continue reading
Google announced new security updates to its Android Pie Keystore. The Keystore provides cryptographic tools for securing user data. “Keystore moves the cryptographic primitives available in software libraries out of the Android OS and into secure hardware. Keys are protected and used only within the secure hardware to protect application secrets from various forms of … continue reading
Google is notifying developers about an ongoing investigation, and applications and SDKs that may be at risk for abuse. The company revealed last week two apps were removed from the Google Play Store because of evidence of attribution abuse. The company also found abuse in three ad network SDKs and have began contacting developers using … continue reading
Graph database solution provider Neo4j has closed an Series E round of funding at $80 million. This brings the company’s total growth funding to $160 million since 2007. The funding will be used to help the company power business applications with graph databases as well as increase the product to support popular use cases such … continue reading
Facebook is introducing a new AI hybrid tool aimed at finding and fixing bugs automatically. SapFix is designed to find bugs, generate fixes and propose action plans to engineers before rolling out into production. The company announced the tool at its annual @Scale conference in San Jose this week. According to the company, SapFix significantly … continue reading
While most organizations recognize the need to protect their web apps, their efforts tend to focus on the server side, leaving a critical attack vector exposed: the client side. The fact of the matter is the entire web application ecosystem must be protected, end to end, and that includes mobile, JavaScript, desktop, server and API. … continue reading
Researchers from the University of Alabama at Birmingham have announced a new two-factor authentication method that uses wearables and speech signals. The method “Listening-Watch” uses wearable devices such as smartwatches, activity trackers, and browser-generated speech sounds to perform two-factor authentication. “Listening-Watch offers two key security features,” said Nitesh Saxena, professor in the UAB College of … continue reading
Sonatype wants to make it easier for developers to have open-source governance with the release of Sonatype DepShield. The solution is a GitHub application that integrates directly within repositories, enabling developers to identify vulnerable open-source components. According to the company, DepShield constantly monitors projects and automatically creates issues when security vulnerabilities are detected. It offers … continue reading
WhiteSource is making its Vulnerability Checker available for free for developers to detect if their solutions contain any of the 50 most critical open-source bugs out there today. The checker will enable users to import and scan any library as well as check if their projects are susceptible to the most recent and common bugs. … continue reading
Following this week’s announcement of Android 9 Pie, Google is releasing a new Android SDK that offers more Kotlin features. According to the company, Android developers often run into problems with the Java programming language when accessing a null reference. Kotlin addresses this problem by providing nullable and non-nullable types in the type system, the … continue reading
Yale University is releasing a new report on the challenges and problem areas of cyber risk in today’s modern world. The report is based off of discussions from the second annual Yale Cyber Leadership Forum in April. The forum looked at the divide between the law, technology, and business communities as well as focused on … continue reading
Google is looking to improve biometrics in its upcoming operating system Android P. The company announced developers can start using the BiometricPrompt API to integrate biometric authentication into their apps. According to Google, biometrics are an important part to keeping users safe. Apps and devices typically utilize knowledge factors, possession factors and biometrics factors for … continue reading
