Software Integrity Blog

Author Archive

Taylor Armerding

tarmerding

Taylor Armerding is an award-winning journalist who left the declining field of mainstream newspapers in 2011 to write in the explosively expanding field of information security. He has previously written for CSO Online and the Sophos blog Naked Security. When he’s not writing he hikes, bikes, golfs, and plays bluegrass music. Follow him on Twitter @tarmerding2.


Posts by Taylor Armerding:

 

Equifax breach: Catastrophic, but no game changer yet

The Equifax breach generated plenty of sound and fury. Has the government responded with stricter regulation? Have companies stepped up their security game?

Continue Reading...

Posted in Data Breach Security | Comments Off on Equifax breach: Catastrophic, but no game changer yet

 

Tesla key fob issues, Tor Browser zero-day woes, and you’ve got malware!

Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup. What’s in this week’s Security Mashup, you ask? Dude, don’t take my Tesla! Plus Tor Browser zero-day (already wiped away), and you’ve got malware (if you fall for it!). Watch this week’s episode here:

Continue Reading...

Posted in Automotive Cyber Security | Comments Off on Tesla key fob issues, Tor Browser zero-day woes, and you’ve got malware!

 

Medical device security improvements coming—but not anytime soon

Will the cyber security of medical devices improve with the FDA’s adoption of UL 2900-2-1? Most devices weren’t designed to be connected to the internet.

Continue Reading...

Posted in Healthcare Security & Privacy, Medical Device Security | Comments Off on Medical device security improvements coming—but not anytime soon

 

CamuBot malware, SonarSnoop hacking, and government backdoors

Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup. What’s in this week’s Security Mashup, you ask? CamuBot malware is the new kid on the block, the sounds of hacking (SonarSnoop), and back to the government’s wish for chat backdoors. Watch this week’s episode below.

Continue Reading...

Posted in Application Security | Comments Off on CamuBot malware, SonarSnoop hacking, and government backdoors

 

Gmail Confidential? Not so much

According to privacy advocates, Google has a problem with truth in labeling.

Continue Reading...

Posted in Application Security | Comments Off on Gmail Confidential? Not so much

 

Fixing the CVE program, your personal data checking out and taking flight

Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup. What’s in this week’s Security Mashup, you ask? Fixing the CVE program, your personal data has already “checked out,” and it even “may potentially” have taken flight. Watch this week’s episode below to see why these stories are trending or read the transcript below.

Continue Reading...

Posted in Data Breach Security, Mobile App Security | Comments Off on Fixing the CVE program, your personal data checking out and taking flight

 

These hacks brought to you by ‘leaky’ APIs

Leaky APIs expose customer data for free to anyone who knows the URL. What are you doing to protect your customers from hackers targeting your APIs?

Continue Reading...

Posted in Data Breach Security, Web Application Security | Comments Off on These hacks brought to you by ‘leaky’ APIs

 

SamSam ransomware keeps striking—victims still unprepared

“You can pay (a little) now or you can pay (a lot) later” is a very old line—a pitch for oil filters almost 40 years ago. Unfortunately, it remains relevant in cyber security, especially when it comes to ransomware. And especially when that ransomware is the potent, pernicious SamSam.

Continue Reading...

Posted in Application Security | Comments Off on SamSam ransomware keeps striking—victims still unprepared

 

A test hack, don’t let Ghostscript haunt you, and a helpful hacker

Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup. What’s in this week’s Security Mashup, you ask? Not a real hack, but maybe a test hack, don’t let Ghostscript haunt you, and a helpful hacker. Watch this week’s episode below:

Continue Reading...

Posted in Data Breach Security, Open Source Security | Comments Off on A test hack, don’t let Ghostscript haunt you, and a helpful hacker

 

Survey: Data management is an afterthought in cloud migration

Failing to plan for cloud data migration challenges can result in data loss, breaches, and noncompliance, which increase costs and damage brand reputation.

Continue Reading...

Posted in Cloud Security | Comments Off on Survey: Data management is an afterthought in cloud migration