Software Integrity Blog

Author Archive

Robert Vamosi



Posts by Robert Vamosi:

 

Board rooms uncomfortable with software risks

A recent panel discussion hosted by a computer analysis firm has concluded that compliance officers lack technical expertise and clear ownership of the technologies involved.

Posted in Software Architecture and Design

 

NHTSA investigates Tesla after first autopilot death

In May, a Tesla Model S driver using autopilot was killed when a tractor-trailer drove across the highway perpendicular to the vehicle.

Posted in Automotive Security

 

Supply chain firmware flaw may have helped botnet spawn

Flaws in firmware commonly used by closed-circuit TV (CCTV) devices worldwide have been exploited to create a powerful IoT-based botnet, according to one security firm.

Posted in Internet of Things

 

Vulnerabilities hit anti-malware software solutions

A Google researcher has disclosed a number of very serious vulnerabilities in Symantec and Norton anti-malware products.

Posted in Software Architecture and Design

 

Feds consider a ‘hack the FDA’ bug bounty program

Coming on the heels of a successful “Hack the Pentagon” bug bounty program, in which one 18-year-old received a $1K prize, the U.S. Federal Government is considering a similar program for healthcare.

Posted in Medical Device Security

 

Old malware creates new headaches for healthcare IT

A new study finds that old malware is actively being exploited in healthcare environments.

Posted in Medical Device Security

 

Why patching core open source libraries is only half the battle

On Tuesday, Talos, a division of Cisco, warned against three critical memory-related vulnerabilities that remain exploitable even after patching an open source component.

Posted in Open Source Security, Software Architecture and Design

 

Lexus infotainment systems go dark after software glitch

Toyota confirmed on Thursday that infotainment and navigation systems on some Lexus models have shut down due to a software glitch.

Posted in Automotive Security, Internet of Things

 

Podcast: The good and the bad of Heartbleed, Part 2

Two years after the vulnerability in OpenSSL known as Heartbleed, there remain valuable lessons to be learned, both about how vulnerabilities are discovered and how the security community should respond.

Posted in Open Source Security, Software Architecture and Design

 

Russian bug bounty program to target government software

In a bid to harden government software in Russia, the government is discussing a possible bug bounty program.

Posted in General, Software Architecture and Design