Breaking News




Source: Kaspersky (securelist.com)

Jul 13, 2018
Today, after almost 3 years of waiting, it was finally the day of the trial. In the Netherlands, where the whole case took place, the hearings are open to the public. Meaning anyone who is interested can visit. And it was quite busy. Because besides the suspects, their lawyers, the judges and the prosecutor there were also several members of the press, a sketch artist (to make a drawing of the ...

(credit: Marcus W / Flickr) Windows Server 2008 and 2008 R2, as well as SQL Server 2008 and 2008 R2, are due to move out of extended support over the next few years—SQL Server in July 2019 and Windows Server in January 2020. For organizations still using that software, this offers a few options: keep using the software and accept that it won't receive any more security updates, migrate to ne...

There has been a fundamental shift in the way code is developed in the past 15 to 20 years. Today, developers do far more re-using of existing code than creating code from scratch. Taking advantage of the millions of open source libraries available has become standard operating procedure. And this new model comes with tremendous benefits – both for developers, and for the business – allowing b...


Source: Ars Technica Security RSS

Jul 11, 2018
Enlarge (credit: Aurich Lawson / Getty Images) When the Spectre and Meltdown attacks were disclosed earlier this year, the expectation was that these attacks would be the first of many, as researchers took a closer look at the way that the speculative execution in modern processors could be used to leak sensitive information and undermine the security of software running on those processors...


Source: Kaspersky (securelist.com)

Jul 10, 2018
In the second quarter of 2017, Kaspersky Lab’s Global Research and Analysis Team (GReAT) began publishing summaries of the quarter’s private threat intelligence reports, in an effort to make the public aware of the research we have been conducting. This report serves as the latest installment, focusing on the relevant activities that we observed during Q2 2018. These summaries are a representat...


Source: Veracode.com

Jul 10, 2018
Effective application security assesses applications across the entire software lifecycle – beyond the development phase and into production. Why is this necessary? If you’ve shifted security left, into the development process, why do you need to shift it right into production? To put it bluntly: Because people aren’t perfect, and bad guys never sleep. With the speed of today’s development pro...


Source: Kaspersky (securelist.com)

Jul 09, 2018
While the legal status of cryptocurrencies and laws to regulate them continue to be hammered out, scammers are busy exploiting the digital gold rush. Besides hacking cryptocurrency exchanges, exploiting smart-contract vulnerabilities, and deploying malicious miners, cybercriminals are also resorting to more traditional social-engineering methods that can reap millions of dollars. Their targets ...

In February, we hosted a virtual summit titled “Assembling the Pieces of the DevSecOps Puzzle.” The goal of the summit was to provide organizations with tools and information to implement a DevSecOps strategy in their organization—and make the shift from theory into practice.  In his educational webinar at the summit, Chris Wysopal—CA Veracode’s CTO and co-founder—tackles an important, practic...