Software Integrity

Archive for the 'Government Security' Category

 

President’s ‘cybersecurity moonshot’: Transformational or pie in the sky?

Making the internet safe and secure in 10 years isn’t going to be easy, if it’s even possible. And that’s why NSTAC’s new proposal is a cyber security moonshot.

Continue Reading...

Posted in Critical Infrastructure Security, Government Security

 

Threats obvious, but electronic voting systems remain insecure

Election security requires that voters trust the results. But many U.S. electronic voting systems are clearly insecure, and untrustworthy. What are we doing about it?

Continue Reading...

Posted in Critical Infrastructure Security, Government Security

 

US vows to go on cyber offense

The original version of this article was published in Forbes. We’re all familiar with saber rattling. But this is the digital age. Welcome to the world of cyber rattling. This version of it comes in two policy papers from the U.S. government: the White House Cyber Policy and the Department of Defense (DoD) Cyber Strategy. One of […]

Continue Reading...

Posted in Critical Infrastructure Security, Government Security

 

Porous portals, Newegg is a broken egg, and Mirai’s creators have new hats

Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup. What’s in this week’s Security Mashup, you ask? Porous payment portals lead to government data breaches, Magecart pwns Newegg, and the Mirai creators trade in their black hats for white ones. Watch this week’s […]

Continue Reading...

Posted in Data Breach, Government Security, Weekly Security Mashup

 

CamuBot malware, SonarSnoop hacking, and government backdoors

Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup. What’s in this week’s Security Mashup, you ask? CamuBot malware is the new kid on the block, the sounds of hacking (SonarSnoop), and back to the government’s wish for chat backdoors. Watch this […]

Continue Reading...

Posted in Government Security, Weekly Security Mashup

 

SamSam ransomware keeps striking—victims still unprepared

“You can pay (a little) now or you can pay (a lot) later” is a very old line—a pitch for oil filters almost 40 years ago. Unfortunately, it remains relevant in cyber security, especially when it comes to ransomware. And especially when that ransomware is the potent, pernicious SamSam. The “trade-off” is stark: You can […]

Continue Reading...

Posted in Government Security

 

Another inside job, Gmail privacy, and UK cyber crime court

Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup. What’s in this week’s Security Mashup, you ask? Another inside job, or perhaps it should be described as an “insider job.” A former NSO employee has been accused of stealing spyware. Who is […]

Continue Reading...

Posted in Government Security, Privacy, Weekly Security Mashup

 

Ex-CIA employee insider threat, FlightTrader24 hack, and RedHat licenses

Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup episode. What’s in this week’s Security Mashup episode, you ask? Ex-CIA employee insider threat and how he was outed, insight into the FlightTrader24 hack, and what you need to know about the RedHat […]

Continue Reading...

Posted in Data Breach, Government Security, Open Source Security, Weekly Security Mashup

 

Microsoft acquires GitHub, Election Insecurity, and Ticketfly data breach

  Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and unsecurity in this week’s Security Mashup episode. What’s in this week’s Security Mashup episode, you ask? GitHub acquired by Microsoft, election insecurity persists, and the Ticketfly data breach.  Play this week’s episode below:   Microsoft has snapped up […]

Continue Reading...

Posted in Data Breach, Government Security, Open Source Security, Weekly Security Mashup

 

DEF CON 25 exposes voting system vulnerabilities

It took security researchers only minutes to gain access to more than a dozen voting machines at last month’s DEF CON security conference. The nearly two dozen machines, all purchased from eBay and government auctions, are considered representative of the wide variety of electronic voting systems in use today. One even contained actual voting data from […]

Continue Reading...

Posted in Data Breach, Government Security