Synopsys acquires Black Duck Software

Synopsys officially announced the acquisition of Black Duck Software this week. The companies first entered into an agreement that would enable Synopsys to acquire Black Duck early last month. According to Synopsys, the acquisition of Black Duck will help provide its customers with visibility into open source software. Black Duck provides automated solutions that detect … continue reading

Report: The top 8 emerging technology domains, and their threats

With great technology comes great risks. As new technology continues to emerge in this digital day and age, Carnegie Mellon University’s Software Engineering Institute (SEI) is taking a deeper look on the impact they will have. The institute has released its 2017 Emerging Technology Domains Risk report detailing future threats and vulnerabilities. “To support the … continue reading

Researchers: SAP Point-of-Sale systems vulnerable to attack

There are many ways hackers can exploit vulnerabilities to get the information they want. Flaws in Point-of-Sale (PoS) systems is on this list, and ERPScan researchers recently found that PoS software distributed by German vendor SAP is missing crucial checks that leave it vulnerable to unauthorized access and modification. A video demonstration by the research team shows a … continue reading

bug, pexels

Bugcrowd’s secret $250K bug bounty, Kony AppPlatform V8, and Git v2.14 — SD Times news digest: August 8, 2017

Bugcrowd is launching a bug bounty program for a secret customer, and the reward is the highest payout on the market today, in line with Microsoft’s recently increased max bug bounty payout of $250,000. The payout for this secret customer is $250,000, and according to the CEO of Bugcrowd, Casey Ellis, “High rewards like this … continue reading

Have I been Pwned? PyTorch v0.2.0, and new vulnerability data from Netsparker — SD Times news digest: August 7, 2017

Troy Hunt, a Microsoft regional director and security guru, released 320 million freely downloadable “Pwned Passwords” to shed light on how many real-world passwords have been exposed in data breaches. The service was created after NIST released guidance recommending that user-provided passwords be checked against existing data breaches. “My hope is that an easily accessible … continue reading

U.S. legislation for IoT vulnerabilities, Realm Academy, and Facebook’s video chat device — SD Times news digest: August 2, 2017

This week, a bipartisan group of U.S. senators announced plans to introduce legislation addressing vulnerabilities in IoT devices, which experts say is a threat to global security, according to a Reuters report. According to the report, the bill would require IoT vendors to provide their internet-connected equipment to the government as a way to make sure products … continue reading

Synopsys calls for removal, replacement of OWASP Top 10-A7

This year, the Open Web Application Security Project (OWASP) released its Top 10 2017 project for public review. There were two vulnerability updates to this year’s 14th release of OWASP, and although they were added to raise awareness on security risks in applications, one company is calling a movement for removal and replacement of one … continue reading

What is the WannaCry ransomware, and why should organizations be concerned?

There’s a new ransomware attack that has affected several organizations globally, and although it’s slow-moving, security experts are urging companies to keep their antivirus programs up-to-date, as well as their software. The ransomware — dubbed WannaCry (WanaCrypt0r 2.0/WCry) — has hit Britain’s National Health Service, some of Spain’s big companies, and has spread across Russia, … continue reading

OWASP adds unprotected APIs, insufficient attack protection to Top Ten 2017 release

The Open Web Application Security Project (OWASP) released its Top 10 2017 project for public comment. This is the 14th year OWASP is raising awareness of security risks with its list, and it contains two major vulnerability updates, example attack scenarios, and a list of free and open resources for security-conscious developers. When Jeff Williams, OWASP … continue reading

Apple iOS 10.3: APFS implementation, developer improvements, and security updates

Apple has announced iOS 10.3 with the highly requested “Find my AirPods” feature, new Apple File System (APFS) implementation, and a number of developer improvements. Other enhancements include bug fixes and touch ID authentication for its Numbers, Pages, and Keynote productivity apps. The latest version of the mobile operating system went through seven beta versions … continue reading

PyCharm 2017.1, MicroStrategy 10.7, Next.js 2.0, and Ubuntu 17.04 final beta released — SD Times news digest: March 27, 2017

PyCharm 2017.1 released JetBrains’ announced an update to its Python IDE, PyCharm. PyCharm 2017.1 features a faster debugger, enhanced Python and JavaScript unit testing as well as support for the six compatibility library. With its improved Python unit test runners, developers can now run any test configurations with the IDE. The JavaScript unit testing has … continue reading

Udacity-Didi self-driving car challenge, Collabnet releases TeamForge 17.1, and Bugsnag supports Code Push for React Native—SD Times news digest: March 9, 2017

Self-driving car enthusiasts can join the Udacity-Didi self-driving car challenge, which focuses on a core feature of self-driving cars: the Automated Safety and Awareness Processing Stack (ASAPS). ASAPS identifies stationary and moving objects from a moving car, and it uses data that includes radar objects, camera images and frames, and Velodyne’s point cloud, according to … continue reading

Next Page »
HTML Snippets Powered By : XYZScripts.com