Tag Archives: security

Move Left and Be More Secure


September 16, 2013 By
Jessica Dodson

Author Attribution: This post was written by a guest blogger: Mark Miller, Founder and Curator of Trusted Software Alliance. In a “50-in-50” interview on the Trusted Software Alliance site, Gary McGraw talked about the concept of ‘moving left’, or ‘shifting left’ when it comes to application security in the software life cycle. Traditional development leaves […]

Continue reading...

A Brief and Incomplete History of DevOps


July 29, 2013 By
Jessica Dodson

The use of DevOps methodology and a structured process for integrating security into the development process is becoming more prevalent as large enterprises are seeing the benefits of a strategic alliance between development teams and operations. Instead of throwing the pig over the fence and hoping it turns into bacon by the time it touches […]

Continue reading...

ProstgreSQUL Updates to Close Denial-of-Service Hole


February 7, 2013 By
The Vigilant Application Owner

The H – (International) PostgreSQL updates to close denial-of-service hole. The developers of PostgreSQL released updates to several versions of their products to address a misdeclared function that could allow a SQL command to crash PostgreSQL, among other issues. Source: http://www.h-online.com/security/news/item/PostgreSQL-updates-to-close-denial-of-service-hole-1799938.html

Continue reading...

Barracuda Moves to Shutter Backdoor Access to its Network Gear


February 6, 2013 By
The Vigilant Application Owner

IDG News Service – (International) Barracuda moves to shutter backdoor access to its network gear. Barracuda Networks issued an update to close a vulnerability in its network security appliances that allowed unauthorized access through remote support backdoors. Source: http://www.computerworld.com/s/article/9236574/Barracuda_moves_to_shutter_backdoor_access_to_its_network_gear

Continue reading...

Aerospace And Defense Firms Targeted With Clever Spear Phishing


January 31, 2013 By
The Vigilant Application Owner

Help Net Security – (National) Aerospace and defense firms targeted with clever spear phishing. A new spearphishing campaign is targeting directors, vice presidents, and other top management of companies in the aerospace and defense industry and the U.S. government via a malicious .PDF file, which, once opened, creates a permanent backdoor and exfiltrates data from […]

Continue reading...

Turkish Hackers Upload Malicious Browser Extension To Official Chrome Web Store


By
The Vigilant Application Owner

Softpedia – (International) Turkish hackers upload malicious browser extension to official Chrome web store. Kaspersky discovered that hackers are attempting to distribute malicious browser extensions through the official Google Chrome store. Google is attempting to remove the malware; similar fake extensions have been found for Mozilla’s Firefox browser. Source: http://news.softpedia.com/news/Turkish-Hackers-Upload-Malicious-Browser-Extension-to-Official-Chrome-Web-Store-325708.shtml

Continue reading...