Claroty researchers have uncovered six critical vulnerabilities in third-party license management components, which could expose operational technology (OT) environments (hardware and software components) across numerous industries to exploitation through cyberattacks.
New research finds nearly half of organizations regularly and knowingly ship vulnerable code despite using application security tools. Among the top reasons cited for pushing vulnerable code were pressure to meet release deadlines (54 percent) and finding vulnerabilities too late in the software development lifecycle (45 percent), according to the Veracode and Enterprise Strategy Group (ESG) research.
Google has admitted that its Home speakers recorded users at all times, even when they hadn't said "wake words" such as "OK Google," due to a security error earlier this year.
By 2021, cybercrime will cost about 6 trillion dollars a year. With an ever-increasing number of ways to connect to your network, IT security teams must be able to secure it and mitigate this risk by prioritizing security concerns at earlier stages of the software development life cycle.
If you’re in business today, no matter what your “core” product or service is, you are almost certainly a software company. It is nearly impossible to run a business without it. That means you should know about the Building Security In Maturity Model—better, and more conveniently, known as the BSIMM.
The London Stock Exchange denies that a cyber attack was responsible for a trading outage in August. U.K. security agencies are reportedly investigating the cause of the incident.
The Common Weakness Enumeration (CWE™) released its Top 25 Most Dangerous Software Errors (CWE Top 25), a demonstrative list of the most widespread and critical weaknesses that can lead to serious vulnerabilities in software.