Software Integrity Blog

Author Archive

Taylor Armerding

tarmerding

Taylor Armerding is an award-winning journalist who left the declining field of mainstream newspapers in 2011 to write in the explosively expanding field of information security. He has previously written for CSO Online and the Sophos blog Naked Security. When he’s not writing he hikes, bikes, golfs, and plays bluegrass music. Follow him on Twitter @tarmerding2.


Posts by Taylor Armerding:

 

Vulnerable routers are still out there—and hackers are noticing

Vulnerable routers aren’t news Long ago and far away—in 2014, which is indeed long ago and far away in our cutting-edge world of information technology—security gurus like Dan Geer, Jim Gettys, and Bruce Schneier were issuing urgent warnings about the catastrophic insecurity of routers—those devices in our homes that give us access to the World Wide Web.

Continue Reading...

Posted in Internet of Things, Static Analysis (SAST) | Comments Off on Vulnerable routers are still out there—and hackers are noticing

 

Ex-CIA employee insider threat, FlightTrader24 hack, and RedHat licenses

Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup episode. What’s in this week’s Security Mashup episode, you ask? Ex-CIA employee insider threat and how he was outed, insight into the FlightTrader24 hack, and what you need to know about the RedHat open source license copyright conundrum. Watch and learn more:

Continue Reading...

Posted in Data Breach, General, Open Source Security | Comments Off on Ex-CIA employee insider threat, FlightTrader24 hack, and RedHat licenses

 

Is IoT a tool for Big Brother via DMCA?

What if it turns out that Big Brother is much more diverse, and a bit more subtle, than a monolithic figure at the head of an intrusive, tyrannical government?

Continue Reading...

Posted in General, Internet of Things | Comments Off on Is IoT a tool for Big Brother via DMCA?

 

World Cup device hacking dangers, Apple malware, and VPNFilter updates

Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup episode. What’s in this week’s Security Mashup episode, you ask? The FIFA World Cup overfloweth—with hackers, forgeries take a bite out of Apple security, and routing us to “Hackerville” (a VPNFilter update). Watch this episode here:

Continue Reading...

Posted in Data Breach, General | Comments Off on World Cup device hacking dangers, Apple malware, and VPNFilter updates

 

Microsoft acquires GitHub, Election Insecurity, and Ticketfly data breach

 

Continue Reading...

Posted in Data Breach, General, Open Source Security | Comments Off on Microsoft acquires GitHub, Election Insecurity, and Ticketfly data breach

 

The IoT: Too big (and buggy) to patch?

The Internet of Things isn’t too big to fail, but is it too big to patch? IoT security experts talk about why and how to upgrade IoT device firmware.

Continue Reading...

Posted in Internet of Things | Comments Off on The IoT: Too big (and buggy) to patch?

 

Digital license plates, GDPR risks and hackers, security bugs in AI robots

Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup episode. What’s in this week’s Security Mashup episode, you ask? California puts a lot on your plate, the law of unintended consequences as it related to GDPR risks, and porous pepper. Watch the entire episode below:

Continue Reading...

Posted in General, Internet of Things | Comments Off on Digital license plates, GDPR risks and hackers, security bugs in AI robots

 

VPNFilter, BMW connected car vulnerability, and Nest IoT devices go offline

Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup episode. What’s in this week’s episode, you ask? Russia vs. Ukraine, Beemer as the ultimate hackable machine, and Nest “smart home” devices.

Continue Reading...

Posted in Automotive Security, General, Internet of Things, Software Architecture and Design | Comments Off on VPNFilter, BMW connected car vulnerability, and Nest IoT devices go offline

 

Open source security report, Serious XSS vulnerabilities, and ICS attack vectors

Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup episode.

Continue Reading...

Posted in General, Open Source Security | Comments Off on Open source security report, Serious XSS vulnerabilities, and ICS attack vectors

 

Bad Signal gets quick fix

It looked like a bright spot in a gloomy week for the encrypted messaging app Signal. And it was, in fact, a positive thing—a patch for a serious XSS (cross-site scripting) vulnerability that the company made available only hours after a public report of the problem. It just wasn’t quite as bright a moment as it initially appeared.

Continue Reading...

Posted in Software Architecture and Design | Comments Off on Bad Signal gets quick fix