Breaking News




Source: Kaspersky (securelist.com)

Apr 23, 2018
Energetic Bear/Crouching Yeti is a widely known APT group active since at least 2010. The group tends to attack different companies with a strong focus on the energy and industrial sectors. Companies attacked by Energetic Bear/Crouching Yeti are geographically distributed worldwide with a more obvious concentration in Europe and the US. In 2016-2017, the number of attacks on companies in Turkey...

During the RSA conference Sam King, general manager of CA Veracode lead an engaging discussion with Art Coviello, former CEO of RSA and Robert Knake, senior fellow for cyber policy at the Council on Foreign Relations and senior research scientist at Northwestern University’s Global Resilience Institute. While the conversation touched on a variety of topics, the prevailing theme was on the need...

We are in the midst of the fourth industrial revolution. Instead of steam machines or textiles, our economy is becoming ever more tied to technology. In order for our digital economy to thrive, we as a collective society need to have trust in our technology. Yet, the technology world has done very little to earn that trust. During RSA David Duncan, VP, Product Marketing and Mark McGovern, VP, ...


Source: Veracode.com

Apr 20, 2018
Lance Spitzner, Director, SANS Institute The security skills gap is well documented. There just aren’t enough security professionals in the workforce to help secure our digital economy. Even if there were, scaling to the number of security professionals needed to create a comprehensive security program alone would not solve the security problem, especially in AppSec. During this talk, Lance Sp...


Source: Veracode.com

Apr 20, 2018
Open source component vulnerabilities have been a hot topic in the security industry as well as in the media. It used to be the main concern in software development was making sure you testing throughout the SDLC. While this is still a crucial part of making sure your software is secure, component security has grown in importance. As Tim Jarrett, Director of product management at CA Veracode e...


Source: Kaspersky (securelist.com)

Apr 19, 2018
Looking at Instagram one morning, I spotted several posts from some fairly well-known people (in certain circles) who had invested in an ICO held by Telegram. Interesting, I thought to myself. I fancy a piece of that. Only I was pretty sure that if Telegram was indeed holding an ICO, it would be a private affair — off limits to cash-strapped social media-based “investors.” That’s when I decided...


Source: Kaspersky (securelist.com)

Apr 18, 2018
When we use popular apps with good ratings from official app stores we assume they are safe. This is partially true – usually these apps have been developed with security in mind and have been reviewed by the app store’s security team. However, we found that because of third-party SDKs many popular apps are exposing user data to the internet, with advertising SDKs usually to blame. They collect...

RSAC 2018 kicked off today with DevOps Connect: DevSecOps Day @ RSAC 2018. This full day event featured speakers security vendors, security practitioners and development teams.  It was interesting to compare the perspectives of the security and development teams when it comes to software security. What was even more interesting was how similar their perspectives are, and to see them presenting...