DevSecOps and the shift left in security: how Semmle is supporting software developers [Podcast]
Software security has been 'shifting left' in recent years. Thanks to movements like Agile and Dev(Sec)Ops, software developers are finding that they have to...
How Chaos Engineering can help predict and prevent cyber-attacks preemptively
It's no surprise that cybersecurity has become a major priority for global businesses of all sizes, often employing a dedicated IT team to focus...
An unpatched vulnerability in NSA’s Ghidra allows a remote attacker to compromise exposed systems
On September 28, the National Security Agency revealed a vulnerability in Ghidra, a free, open-source software reverse-engineering tool. The NSA released the Ghidra toolkit...
Researchers release a study into Bug Bounty Programs and Responsible Disclosure for ethical hacking...
On September 26, a few researchers from the Delft University of Technology (TU Delft) in the Netherlands released a research paper which highlighted the...
MITRE’s 2019 CWE Top 25 most dangerous software errors list released
Two days ago, the Cybersecurity and Infrastructure Security Agency (CISA) announced MITRE’s 2019 Common Weakness Enumeration (CWE) Top 25 Most Dangerous Software Errors list....
A new Stuxnet-level vulnerability named Simjacker used to secretly spy over mobile phones in...
Updated: On September 27, a few researchers from the Security Research Labs (SRLabs) released five key research findings based on the extent of Simjacker...
Endpoint protection, hardening, and containment strategies for ransomware attack protection: CISA recommended FireEye report...
Last week, the Cybersecurity and Infrastructure Security Agency (CISA) shared some strategies with users and organizations to prevent, mitigate, and recover from ransomware. They...
Security researcher publicly releases second Steam zero-day after being banned from Valve’s bug bounty...
Updated with Valve’s response: Valve, in a statement on August 22, said that its HackerOne bug bounty program should not have turned away Kravets...
Vulnerabilities in the Picture Transfer Protocol (PTP) allows researchers to inject ransomware in Canon’s...
At DefCon 27, Eyal Itkin, a vulnerability researcher at Check Point Software Technologies, demonstrated how vulnerabilities in the Picture Transfer Protocol (PTP) allowed...
“Developers need to say no” – Elliot Alderson on the FaceApp controversy in a...
Last month there was a huge furore around FaceApp, the mobile application that ages your photographs to show you what you might look like...