Software Integrity

 

Big Data Breaches, Costly Cyberattacks, Vuln Detection for Kubernetes

This week’s Open Source Insight features a powerful visualization tool displaying the world’s biggest data breaches at name brands such as eBay, Equifax, Anthem, and Target. The White House and British Foreign Office have condemned a cyber attack launched by the Russian military on Ukraine and hint at reprisals. Black Duck OpsSight brings open source vulnerability detection to Kubernetes, and Synopsys will host Elevate, an evening thought leadership event at Embedded World 2018 featuring an elite group of international cyber security experts leading a discussion about IoT and embedded systems security threats and solutions.

Read on for all the open source security and cybersecurity news you need to know this week.

Check out this powerful visualization tool displaying the world’s biggest data breaches

World’s biggest data breaches & hacks — Information is Beautiful

via Information is Beautiful (and it is): Very cool data visualization of the world’s biggest data breaches, leaks and hacks. Constantly updated.

Russia blamed for ‘costliest cyberattack in history’: What you need to know

via Fortune: The U.S. and U.K. have taken the unusual step of attributing last year’s massive “NotPetya” cyberattack to Russia. The White House warned of “international consequences” and the British Foreign Office said we have “entered a new era of warfare.” Here’s what you need to know to get up to speed with the situation, and to understand what those consequences might entail.

Synopsys to showcase industry-leading electronic design, IP, and software security solutions at Embedded World 2018

via PR Newswire: During the conference, Synopsys will also host Elevate, an evening thought leadership event featuring an elite group of international cyber security experts leading a discussion about IoT and embedded systems security threats and solutions. Elevate is free and open to all conference attendees but space is limited. See registration details.

Open source audits in merger and acquisition transactions

via Linux Foundation: Is a merger and acquisition scenario the only time an organization should consider an open source audit? No, regular audits can provide much value, and companies such as Black Duck by Synopsys have specialized in doing them in many types of business scenarios.

Black Duck OpsSight brings open source vulnerability detection to Kubernetes

via Synopsys Software Integrity blog: This week we released a new version of Black Duck OpsSight, a solution for vulnerability detection and alerting in production environments. When we introduced Black Duck OpsSight for OpenShift in November, we made it possible for customers who use Black Duck Hub as an integral part of their SDLC security process to also monitor the open source security of their application deployment environments. This newest release shares that security solution with customers who are running Kubernetes as their container orchestration platform.

With under a 100 days to go: ‘72% of organisations worldwide are GDPR ready’

via Information Age: Businesses worldwide believe there will be a variety of benefits they will gain from being GDPR compliant. Nearly half of all organisations surveyed, at 46%, say the most important benefit from being GDPR compliant is gaining customer trust to handle sensitive data. 31% of businesses believe the most important value from compliance is enhanced brand awareness. 18% of respondents felt that increased customer loyalty is the most important benefit of GDPR compliance.

Power(Shell) to the people

via Synopsys Software Integrity blog: Earlier this year, PowerShell Core became generally available under an Open Source (MIT) license. PowerShell is hardly a new technology. From its first release for Windows in 2006, PowerShell’s creators sought to incorporate the power and flexibility of Unix shells while remedying their perceived deficiencies, particularly the need for text manipulation to derive value from combining commands.

Small crypto mining attack points to big browser problem

via Synopsys Software Integrity blog: The criminals who infected an estimated 5,000 or more websites in the US, the UK, Canada, Ireland and Australia starting at 11:14 a.m. GMT Sunday – many of them government sites – were apparently only interested in sucking electricity and processing power from victim computers so they could mine the cryptocurrency Monero.
