Critical Infrastructure’s Open Source Problem

Open source has a security problem, and that could have real-world impact when it affects critical infrastructure. According to research from Synopsys, 78% of code in codebases is open source, and 81% ...
Security Boulevard

Gov’t Adds Open Source Security to Software Supply Chain

The federal government is stepping up to protect the software supply chain. Last year, President Biden signed an executive order to improve national cybersecurity and bring better protection to federal government networks ...

NSA’s Plea: Stop Using C and C++ (Because You’re Idiots)

The C and C++ languages are unsafe. Instead, the NSA would like devs to use memory-safe languages—such as Rust ...

Hacker Stole $3B Bitcoin — Yes, ‘Crypto’ is Garbage

James Zhong admitted to stealing 50,000 bitcoins from the former dark web market, Silk Road—the DoJ has the gory story ...

GitHub Flaw Underscores Risks of Open Source, RepoJacking

A GitHub vulnerability was recently discovered that lets attackers seize control of a GitHub repository and infect all the applications and code that depend on it with malicious code. This vulnerability is ...

OpenSSL Deems Vulnerability ‘Critical’, Will Publish Patch Tuesday

Does an OpenSSL vulnerability with a ‘critical’ CVE rating rival Heartbleed? That’s what some security experts are saying as they await a fix expected on Tuesday. The OpenSSL project team confirmed that ...

Has Your Software Supply Chain Already Been Compromised?

Software supply chain attacks have dominated headlines since the SolarWinds attack, closely followed by Log4j and numerous other incidents that continue to get media attention. However, in practice, software supply chain incidents ...

Chinese Huawei ‘Spies’ Charged — FBI is Mad as Hell

The Chinese government sent two spies to extract information about the U.S. case against Huawei. But they didn’t expect their contact to be a double agent ...