Tech Republic Security

DECEMBER 14, 2022

As the SolarWinds and Log4j hacks show, vulnerabilities in open source software used in application development can open doors for attackers with vast consequences. A new study looks at the open source community’s efforts to “credit-rate” the risk.

Software 158

Software Risk Hacking Cybersecurity 158

Security Boulevard

JANUARY 17, 2023

The first post of this series on the software-related risks organizations are facing looked at vulnerabilities introduced in development. In this post we look at the risks of open source vulnerabilities. Where is Your Risk? Vulnerabilities in Open Source Software. The post Where is Your Risk?

Software 119

Software Risk 119

Security Boulevard

APRIL 11, 2024

The high-profile compromise of the XZ Utils open-source compression library , disclosed last week, highlights an under-reported threat: social engineering attacks that target open-source package maintainers and other developers to stage software supply chain attacks.

Software 62

Software Risk Social Engineering Engineering 62

CSO Magazine

MARCH 1, 2023

Known vulnerabilities, compromise of legitimate package, and name confusion attacks are expected to be among the top ten open source software risks in 2023, according to a report by Endor Labs. To read this article in full, please click here

Software 113

Software Risk 113

Schneier on Security

JUNE 5, 2023

Developers are starting to talk about the software-defined car. The behavior of new cars is increasingly defined by software, too. But keep in mind that, of course, the more software there is in the car, the more risk is there for vulnerabilities, no question about this,” Anhalt said. They’re highly secure.

Software 231

Software Engineering Internet Internet 231

Tech Republic Security

OCTOBER 5, 2022

The post Software supply chains at risk: The account takeover threat appeared first on TechRepublic. This kind of attack is very difficult to detect and might lead to full compromise of systems, leading to cyberespionage or financial crime.

Accountability 139

Accountability Software Risk 139

Security Boulevard

MARCH 1, 2023

Software supply chain issues continue to be a concerning subject of late. Open source software (OSS) has many benefits, yet relying on many open source dependencies could cause security woes if it isn’t managed correctly. The post Top 10 Open Source Software Risks of 2023 appeared first on Security Boulevard.

Software 112

Software Risk Mobile Malware 112

Security Boulevard

NOVEMBER 22, 2021

BSIMM12 reports increased attention on software security due to recent supply chain disruptions. Get recommendations for managing supply chain risks. The post Effective software security activities for managing supply chain risks appeared first on Software Integrity Blog.

Software 141

Software Risk 141

Security Boulevard

OCTOBER 13, 2023

In the constantly shifting terrain of software supply chains , open source software (OSS) fulfills a dual mandate, propelling innovation forward and serving as the cornerstone of operational efficiency. The post Open source risk management: Safeguarding software integrity appeared first on Security Boulevard.

Software 67

Software Risk 67

Security Boulevard

JANUARY 12, 2023

Organizations are facing a variety of software-related risks, and vulnerabilities introduced in the development process are just one of them. The sooner they can figure out where these risks exist and how to address them, the better they can mitigate them and bolster their overall cybersecurity profile. Where is Your Risk?

Software 98

Software Risk Cybersecurity 98

Security Boulevard

MAY 23, 2022

Our experts discuss the prevalence of supply chain attacks and how organizations can manage their software supply chain risks. The post AppSec Decoded: Managing software supply chain risks appeared first on Application Security Blog.

Software 103

Software Risk 103

Tech Republic Security

OCTOBER 17, 2023

Sonatype's 9th annual State of the Software Supply Chain also covers regulations and how AI could help developers protect organizations from security risks.

Software 194

Software Risk 194

Tech Republic Security

DECEMBER 4, 2023

Recorded Future CISO Jason Steer said software digital supply chains are one of the top risks being faced. The ASEAN region is seeing more cyber attacks as digitisation advances.

Risk 190

Risk CISO Cyber Attacks Software 190

Security Boulevard

JANUARY 29, 2024

Gain insights into the Gartner® report and learn how to mitigate enterprise software supply chain risks by integrating software supply chain security into vendor risk management.

Software 70

Software Risk 70

Schneier on Security

APRIL 27, 2023

Stanford and Georgetown have a new report on the security risks of AI—particularly adversarial machine learning—based on a workshop they held on the topic. Many AI products are deployed without institutions fully understanding the security risks they pose.

Risk 237

Risk Cybersecurity Government Engineering 237

Schneier on Security

MARCH 21, 2022

This is a big deal : A developer has been caught adding malicious code to a popular open-source package that wiped files on computers located in Russia and Belarus as part of a protest that has enraged many users and raised concerns about the safety of free and open source software. The SBOM enumerates these components in a product.

Software 254

Software Manufacturing Risk Government 254

Centraleyes

JANUARY 11, 2024

Many organizations tend to adopt a reactive approach to managing risks. They often wait until a high-profile event, a significant news story, or regulatory changes demand a reassessment of their existing risk management structures. This reactive strategy takes a terrible risk. Making an informed decision is key to success.

Software 52

Software Risk Insurance Technology 52

Security Boulevard

APRIL 5, 2024

Atlassian, a leading provider of collaboration and productivity software, has recently rolled out a series of patches aimed at fortifying the security of its popular products. The post Atlassian Flaws Fixes: Critical Bamboo Patch Mitigates Risk appeared first on Security Boulevard.

Risk 109

Risk Software Cybersecurity 109

CSO Magazine

NOVEMBER 17, 2021

Software composition analysis definition. Software composition analysis (SCA) refers to obtaining insight into what open-source components and dependencies are being used in your application, and how—all in an automated fashion. To read this article in full, please click here

Software 119

Software Risk 119

Penetration Testing

APRIL 15, 2024

A newly discovered vulnerability in Libreswan, a widely used open-source VPN (Virtual Private Network) software, could leave systems open to crashes and potential denial of service attacks, say researchers.

VPN 118

VPN Penetration Testing Software Risk 118

The Last Watchdog

FEBRUARY 5, 2024

One critical issue faced by organizations that rely on Exchange Server is the risk of a corrupt Exchange Server database cropping up. Navigating new risks Today, heavy reliance on cloud-centric IT infrastructure and cloud-hosted applications has become the norm. Here are a few ‘dos:’ •Rigorous vulnerability management.

Risk 239

Risk Backups Software Education 239

SecureBlitz

JANUARY 24, 2022

This post will show you the value of software product risk assessment. The Systems Science Institute at IBM determined that the cost of fixing a glitch at the testing stage is at least 6X greater than if the said bug was picked up and dealt with during previous stages of a software development life cycle.

Software 99

Software Risk Cybersecurity 99

Security Boulevard

JANUARY 30, 2023

Open source software provides companies with a competitive edge but when used incorrectly, it can lead to risks in the software supply chain. The post Open source software: A pillar of modern software development appeared first on Security Boulevard.

Software 125

Software Risk 125

Tech Republic Security

MARCH 3, 2023

Many software companies rely on open-source code but lack consistency in how they measure and handle risks and vulnerabilities associated with open-source software, according to a new report. The post Top 10 open-source security and operational risks of 2023 appeared first on TechRepublic.

Risk 200

Risk Software Cybersecurity 200

CyberSecurity Insiders

APRIL 29, 2022

Here is a rundown of the benefits of an asset management software in cutting down cyber-related threats. Identify assets and their associated risks. Admins can reduce security risks associated with unidentified, forgotten, or malfunctioning IT assets when IT possessions are tracked. Handle the threats’ possible risks. .

Cyber Risk 122

Cyber Risk Software Risk IoT 122

Schneier on Security

MARCH 1, 2021

Early in 2020, cyberspace attackers apparently working for the Russian government compromised a piece of widely used network management software made by a company called SolarWinds. For a while, in 2019, the update server’s password for SolarWinds’s network management software was reported to be “solarwinds123.”

Risk 358

Risk Government Marketing Software 358

Security Boulevard

FEBRUARY 2, 2023

This can happen through backdoors planted in software updates, as seen in incidents like SolarWinds and Kaseya. New architectures such as multi-cloud and microservices have made consistent security controls […] The post Software Supply Chain Risks for Low- and No-Code Application Development appeared first on Radware Blog.

Software 96

Software Risk Architecture 96

The Last Watchdog

JANUARY 2, 2024

In today’s digital landscape, organizations face numerous challenges when it comes to mitigating cyber risks. Here are some of the key challenges that organizations encounter in their efforts to mitigate cyber risks in the current environment. Manage dependencies and address vulnerabilities in software components.

Cyber Risk 169

Cyber Risk Risk Education Security Awareness 169

Security Boulevard

MARCH 15, 2024

The Cybersecurity and Infrastructure Security Agency (CISA) recently released its new Secure Software Development Attestation Form. The announcement indicates an ongoing trend placing the cybersecurity onus on software vendors and their organization’s leadership, specifically their CEOs. Think Again appeared first on OX Security.

Cyber Risk 113

Cyber Risk Risk Software Cybersecurity 113

Security Boulevard

MARCH 31, 2022

Legacy systems, including end-of-life software, cause more problems than workflow bottlenecks and IT headaches and could put a company—or even the nation, if that software is in support of critical infrastructure—at serious risk.

Software 96

Software Risk Cybersecurity Security Awareness 96

Security Boulevard

JUNE 12, 2023

Software supply chain risks is an increasingly hot topic because attention to the supply chain has grown in recent years. Its importance has naturally attracted the attention of hackers, so protecting the software supply chain is paramount.

Software 52

Software Risk 52

Tech Republic Security

APRIL 12, 2023

In the face of growing risks from open-source software dependencies, Google Cloud is releasing its Assured Open Source Software (Assured OSS) service for Java and Python ecosystems at no cost. The post Google Cloud offers Assured Open Source Software for free appeared first on TechRepublic.

Software 158

Software Risk 158

Security Boulevard

JULY 25, 2022

Recent high-profile cybersecurity incidents such as the SolarWinds attack and the Apache Log4j vulnerability have exposed the threats associated with the software supply chain. The post Log4j and the Role of SBOMs in Reducing Software Security Risk appeared first on Security Boulevard.

Software 114

Software Risk Cybersecurity 114

Security Boulevard

JUNE 21, 2023

The post MITRE’s System of Trust: A discussion about standardizing software supply chain risk appeared first on Security Boulevard.

Software 98

Software Risk 98

Security Boulevard

APRIL 12, 2024

The post Sisense Hacked: CISA Warns Customers at Risk appeared first on Security Boulevard. A hard-coded credential catastrophe: The analytics firm kept big companies’ secrets in an insecure AWS bucket. Government says victims include the “critical infrastructure sector.”

Risk 139

Risk Hacking Government Digital transformation 139

Security Boulevard

JULY 12, 2021

Knowing what’s in your open source software, whether you’re a consumer or producer, can help you manage security risks in your supply chain. The post Reduce open source software risks in your supply chain appeared first on Software Integrity Blog.

Software 131

Software Risk 131