Posted by Fred Bals on Friday, February 16th, 2018
This week’s Open Source Insight features a powerful visualization tool displaying the world’s biggest data breaches at name brands such as eBay, Equifax, Anthem, and Target. The White House and British Foreign Office have condemned a cyber attack launched by the Russian military on Ukraine and hint at reprisals. Black Duck OpsSight brings open source vulnerability detection to Kubernetes, and Synopsys will host Elevate, an evening thought leadership event at Embedded World 2018 featuring an elite group of international cyber security experts leading a discussion about IoT and embedded systems security threats and solutions.
Read on for all the open source security and cybersecurity news you need to know this week.
via Information is Beautiful (and it is): Very cool data visualization of the world’s biggest data breaches, leaks and hacks. Constantly updated.
via Fortune: The U.S. and U.K. have taken the unusual step of attributing last year’s massive “NotPetya” cyberattack to Russia. The White House warned of “international consequences” and the British Foreign Office said we have “entered a new era of warfare.” Here’s what you need to know to get up to speed with the situation, and to understand what those consequences might entail.
via PR Newswire: During the conference, Synopsys will also host Elevate, an evening thought leadership event featuring an elite group of international cyber security experts leading a discussion about IoT and embedded systems security threats and solutions. Elevate is free and open to all conference attendees but space is limited. See registration details.
via Linux Foundation: Is a merger and acquisition scenario the only time an organization should consider an open source audit? No, regular audits can provide much value, and companies such as Black Duck by Synopsys have specialized in doing them in many types of business scenarios.
via Synopsys Software Integrity blog: This week we released a new version of Black Duck OpsSight, a solution for vulnerability detection and alerting in production environments. When we introduced Black Duck OpsSight for OpenShift in November, we made it possible for customers who use Black Duck Hub as an integral part of their SDLC security process to also monitor the open source security of their application deployment environments. This newest release shares that security solution with customers who are running Kubernetes as their container orchestration platform.
via Information Age: Businesses worldwide believe there will be a variety of benefits they will gain from being GDPR compliant. Nearly half of all organisations surveyed, at 46%, say the most important benefit from being GDPR compliant is gaining customer trust to handle sensitive data. 31% of businesses believe the most important value from compliance is enhanced brand awareness. 18% of respondents felt that increased customer loyalty from GDPR compliance is the most important benefit.
via Synopsys Software Integrity blog: Earlier this year, PowerShell Core became generally available under an Open Source (MIT) license. PowerShell is hardly a new technology. From its first release for Windows in 2006, PowerShell’s creators sought to incorporate the power and flexibility of Unix shells while remedying their perceived deficiencies, particularly the need for text manipulation to derive value from combining commands.
via Synopsys Software Integrity blog: The criminals who infected an estimated 5,000 or more websites in the US, the UK, Canada, Ireland and Australia starting at 11:14 a.m. GMT Sunday – many of them government sites – were apparently only interested in sucking electricity and processing power from victim computers so they could mine the cryptocurrency Monero.