Half a Billion IoT Devices Vulnerable and the Fastest Growing Cyberthreat
Want to learn more about the recent cybersecurity threats? Check out this post to learn more about recent happenings in international cybersecurity.
Software Integrity Insight is switching over to a monthly schedule, but we’ll still bring you the best SAST, DAST, and SCA security news as we find it. And, don’t despair — you can still get your weekly fix of application security (and insecurity) news by following our colleague Taylor Armerding’s video blog, Security Mashup.
With So Many Eyeballs, Is Open Source Security Better?
via eSecurity Planet: Dirk Hohndel, VP and chief open source officer at VMware: “One of the biggest challenges for any software product, whether it’s open source or not, is to get enough qualified reviewers to make sure that you don’t get overwhelmed by the speed of innovation and you take the time to actually do decent code review.”
AppSec at the Speed of DevOps in the Age of Open Source
via JAXenter: In the world of DevOps, traditional application security is no longer enough. How can we improve AppSec? What are the newest security challenges that arise as DevOps becomes more mature? JAXenter editor Gabriela Motroc caught up with Tim Mackey, technical evangelist for Black Duck by Synopsys at DevOpsCon 2018 to talk about all this and more.
Retailers Need to Get Real About Security
via Xconomy: There is a big opportunity in online retailing. However, until retailers stop treating software as an ancillary aspect of their business and begin to think and act like software companies, security breaches will continue to plague them.
IoT Security Flaw Leaves 496 Million Devices Vulnerable at Businesses: Report
via CRN: Nearly a half-billion Internet of Things devices are vulnerable to cyber attacks at businesses worldwide because of a 10-year-old security flaw, according to a new report from a security software vendor.
Under GDPR, Data Breach Reports in the UK Have Quadrupled
via BankInfoSecurity: In both March and April, the total number of breaches reported to the ICO was about 400, according to data released by the ICO last week. But, the number of breach reports climbed to about 700 in May and hit about 1,750 in June, the ICO says.
These Are 2018’s Biggest Hacks, Leaks, and Data Breaches
via ZDNet: Homeland Security, FedEx, Orbitz, Aadhaar, L’Express, Cambridge Analytica, Twitter, T-Mobile, and more.
Equifax’s Security Overhaul, a Year After its Epic Breach
via Wired: Jamil Farshchi, chief information security officer at Equifax: “The barriers you face at any company not post-breach is you’re always fighting for budget, you’re always fighting for face time, trying to justify and convince people about the importance of security and risk management. When you’re in a post-breach environment, everyone already knows that it’s critically important.”
Best Practices for Application Security Testing in the era of DevOps and AI
via DevOps.com: As the pace of application development techniques (and their inevitable vulnerabilities) evolve, AppSec personnel have found themselves caught between the desire to keep pace with their management of security testing requirements and their ability to allow the developer teams to operate in the modern, fast-paced ecosystem of DevOps and artificial intelligence.
A Guide to DevSecOps Tools
via SD Times: Synopsys, a recognized leader in application security, provides static analysis, software composition analysis, and dynamic analysis solutions that enable teams to quickly find and fix vulnerabilities and defects in proprietary code, open source components, and application behavior.
Secure Code: You Are the Solution to Open Source’s Biggest Problem
via Dark Reading: Seventy-eight percent of open source codebases examined in a recent study contained at least one unpatched vulnerability, with an average of 64 known vulnerabilities per codebase.
Unsecured Server Exposes 157 GB of Highly Sensitive Data From Tesla, Toyota, and More
via CSO: A security researcher discovered 157 GB of highly sensitive data from more than 100 companies, including automakers such as Ford, GM, Tesla, Toyota, Chrysler, Fiat, and Volkswagen, exposed on the web.
What Is the Fastest Growing Cyberthreat? 80 Percent Say Supply Chain Attacks
via TechRepublic: According to the report, nearly 90 percent of respondents believe they are currently at risk for a supply chain attack. On average, supply chain attacks cost organizations $1.1 million. For US companies, however, the average cost per attack is $1.27 million.
Timehop Breach Provides GDPR Response Template
via Synopsys Software Integrity blog: With the disclosure of 21 million individuals’ account information being accessed in a data breach at Timehop, we now have a blueprint for what public disclosure of a breach might look like under the new GDPR rules.
Published at DZone with permission of Haidee LeClair. See the original article here.