Monthly Archives: March 2012

New TGLoader Android Malware Found in Alternative Markets


March 26, 2012 By The Vigilant Application Owner

March 26, Threatpost – (International) New TGLoader Android malware found in alternative markets. The TGLoader malware appeared in some alternative Android app markets recently, and researchers at North Carolina State University discovered and analyzed it, finding it has a wide range of capabilities. The malware uses the “exploid” root exploit to get root privileges on […]


Today’s Security Brief: Application security is widely neglected (by some surprising companies)


By Tim O'Brien

Today we published a paper with Aspect Security, and it’s a shocking look at how few people are paying attention to application security. If you consume dependencies from the Central Repository and you don’t want to get hacked, I’d suggest reading the report and understanding some of the challenges. I’d also check out some of […]


Study: More Than 50% of Global 500 Use Vulnerable Open Source Components


March 25, 2012 By The Vigilant Application Owner

March 25, ZDNet – (International) Study: More than 50% of Global 500 use vulnerable open source components. According to a joint research report issued March 25 by Sonatype and Aspect Security, more than 50 percent of the world’s largest corporations have open source applications with security vulnerabilities. That is because more than 80 percent of […]


LibreOffice 3.4.6 Fixes Potential Security Problem


March 22, 2012 By The Vigilant Application Owner

March 22, H Security – (International) LibreOffice 3.4.6 fixes ‘potential security problem’. The Document Foundation released version 3.4.6 of its open source LibreOffice productivity suite. The maintenance update addresses a “potential security problem” and includes fixes for a number of bugs, such as problems that could lead the application to crash. Details […]


Article Published in ISACA Journal: Mitigating OSS Risk


By Tim O'Brien

Sonatype’s Charles Gold has just published an article in the ISACA Journal: “Mitigating the Risk of OSS Software”. Here’s an excerpt from his ISACA blog discussing the article: “[I]t has been reported that up to 80 percent of custom software code created today is assembled from open-source components. Upon closer examination, we see a software […]
