Breaking News



The enormous growth of DevOps is no accident. As organizations attempt to navigate the complexities of digital business, speed and flexibility are everything. Yet somewhere between innovation and disruption lies a basis fact: A DevOps initiative is only as good as the security framework that supports it. Unfortunately, many organizations focus on speed and precision at the expense of security....

The life of a commercial software developer is a difficult one. Or at least we have to assume it is because of how many of them half-ass it when code starts to get complicated. Okay, maybe that’s unfair. Maybe it’s not all half-assing. It’s complicated. Literally. There’s many functions that are overly complex. They are so complex with so many variables and interactions as to be actually untes...


Source: Kaspersky (securelist.com)

Mar 28, 2018
While doing threat research, teams need a lot of tools and systems to aid their hunting efforts – from systems storing Passive DNS data and automated malware classification to systems allowing researchers to pattern-match a large volume of data in a relatively short period of time. These tools are extremely useful when working on APT campaigns where research is very agile and spans multiple mon...

There’s been a lot of talk and buzz about DevOps and DevSecOps, precipitated by mega technology trends and cybersecurity events shaping our industry. So my colleagues and I were excited to be part of a recent Virtual Summit on “Assembling the Pieces of the DevSecOps Puzzle,” which aimed to move the conversation from defining DevSecOps to enacting it. We are spending a lot of time helping our c...


Source: Ars Technica Security RSS

Mar 27, 2018
Enlarge (credit: Ed Dunens) Researchers from the College of William and Mary, Carnegie Mellon, the University of California Riverside, and Binghamton University have described a security attack that uses the speculative execution features of modern processors to leak sensitive information and undermine the security boundaries that operating systems and software erect to protect important dat...


Source: Kaspersky (securelist.com)

Mar 26, 2018
For many years, Kaspersky Lab experts have been uncovering and researching cyberthreats that target a variety of information systems – those of commercial and government organizations, banks, telecoms operators, industrial enterprises, and individual users. In this report, Kaspersky Lab Industrial Control Systems Cyber Emergency Response Team (Kaspersky Lab ICS CERT) publishes the findings of i...


Source: Veracode.com

Mar 24, 2018
The marquee event of the security industry is fast approaching – the 2018 RSA Conference will take place in San Francisco April 16 to 20. This is a highlight of the year for all of us at CA Veracode, and we will have a major presence there, in part because of the sheer size of this event – both in terms of attendance and scale. It’s definitely the leading business-focused security show, and we...


Source: Veracode.com

Mar 22, 2018
Traditionally, most executives have thought of security as a necessary evil – an investment that was needed solely to avoid a bad outcome, but not something that would bring in new customers or boost revenue. But that seems to be changing. CA Technologies recently surveyed IT and business leaders to find out how well organizations are integrating security throughout the development process – a...