Software Integrity

Archive for the 'Internet of Things' Category

 

Third-party security, Russian grid meddling, and patch Apache!

Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup. What’s in this week’s Security Mashup, you ask? Third-party security party poopers, more Russian meddling in the grid, and patch Apache. Watch this episode below: , Robotics supplier’s sloppy security leaks 10 years’ […]

Continue Reading...

Posted in Application Security, Internet of Things, Open Source Security, Weekly Security Mashup

 

Ukraine dodges attack, but VPNFilter threat remains

Ukraine had been warned. So it was prepared. And the result, according to the government’s intelligence branch, the Security Service of Ukraine (SBU), is that it was able to detect and thwart a cyber attack that used the now notorious VPNFilter malware against the Auly Chlorine Distillation Station, which supplies chlorine to 23 provinces of […]

Continue Reading...

Posted in Industrial Control System Security, Internet of Things

 

Vulnerable routers are still out there—and hackers are noticing

Vulnerable routers aren’t news Long ago and far away—in 2014, which is indeed long ago and far away in our cutting-edge world of information technology—security gurus like Dan Geer, Jim Gettys, and Bruce Schneier were issuing urgent warnings about the catastrophic insecurity of routers—those devices in our homes that give us access to the World […]

Continue Reading...

Posted in Application Security, Internet of Things, Static Analysis (SAST)

 

Traffic systems at risk of cyberattack, Cortana and Alexa news, PyRoMineIoT Cryptojacker

The cyber security and open source security news that made headlines this week! Why isn’t secure DevOps being practiced? via IBM SecurityIntelligence: New research reveals that consistent practice of secure development and operations (DevOps) remains a challenge for organizations across industries. Only half of DevOps teams integrate application security testing elements in continuous integration and […]

Continue Reading...

Posted in Application Security, Internet of Things, Open Source Security

 

Is IoT a tool for Big Brother via DMCA?

What if it turns out that Big Brother is much more diverse, and a bit more subtle, than a monolithic figure at the head of an intrusive, tyrannical government? What if a component of an all-seeing, all-knowing dystopian overlord is our business sector—the companies that sell us our electronics, appliances, machines, cars, tools, and just […]

Continue Reading...

Posted in Internet of Things, Security Conference or Event

 

The IoT: Too big (and buggy) to patch?

The Internet of Things (IoT) will never be too big to fail, although it is hard to conceive of the entire thing failing at once, unless every power grid on the planet goes down simultaneously. But it is in danger of increasing incremental failure because it is too big to patch, according to author, encryption […]

Continue Reading...

Posted in Application Security, Internet of Things

 

Digital license plates, GDPR risks and hackers, security bugs in AI robots

Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup episode. What’s in this week’s Security Mashup episode, you ask? California puts a lot on your plate, the law of unintended consequences as it related to GDPR risks, and porous pepper. Watch the entire […]

Continue Reading...

Posted in Application Security, Internet of Things, Weekly Security Mashup

 

VPNFilter, BMW connected car vulnerability, and Nest IoT devices go offline

Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup episode. What’s in this week’s episode, you ask? Russia vs. Ukraine, Beemer as the ultimate hackable machine, and Nest “smart home” devices. Learn more by watching the full episode below:   New VPNFilter […]

Continue Reading...

Posted in Application Security, Automotive Security, Internet of Things, Vulnerability Assessment, Weekly Security Mashup

 

Data breaches, SirenJack, and serverless apps vulns

It’s nearly an all-Tim Mackey issue of Software Integrity Insight as our technical evangelist weighs in on data breaches, container adoption, GitHub, and open source serverless applications. Other stories in this week’s software integrity news include the SirenJack vulnerability, a security vulnerability potentially putting warning sirens across the city of San Francisco at risk, and […]

Continue Reading...

Posted in Application Security, Containers, Data Breach, Internet of Things, Open Source Security

 

Securing IoT, Atlanta ransomware, Congress on cybersecurity

The Black Duck blog and Open Source Insight become part of the Synopsys Software Integrity blog in early April.  You’ll still get the latest open source security and license compliance news, insights, and opinions you’ve come to expect, plus the latest software security trends, news, tips, best practices, and thought leadership every week.  Don’t delay, […]

Continue Reading...

Posted in Automotive Security, Internet of Things