code vulnerabilities

11 Ways To Defend The Software Supply Chain From Code Signing Abuse
Recently, a hacker attempted to install a tool for hacking into a customer’s computer by using a fake code signing certificate impersonating the cybersecurity firm Emsisoft. The attacker attempted to spoof or ...

Google: Poor Software Fixes Cause Half of all Zero-Days
Researchers from Google’s Project Zero examined 18 zero-day vulnerabilities exploited by hackers this year before a patch was available; they found that half those vulnerabilities could have been avoided if software vendors ...

5 Critical Code Vulnerabilities To Avoid At All Cost
The foundation of every software, application, or website is its code. These days, every organization and business around the world uses a wide range of applications and software for everyday operations. A ...

How to Choose Linux Kernel Live Patching Software
In 1991, two unrelated events occurred, each the promise of two very different kinds of freedom: the death of the Cold War and the birth of Linux. Kernel live patching arrived in ...

Contrast Security Advances DevSecOps
Contrast Security this week added a Route Intelligence module to a Contrast Assess vulnerability assessment that automates the code scanning process. Surag Patel, chief strategy officer for Contrast Security, said Route Intelligence ...

WhiteSource Adds Python Support to Vulnerability Discovery Tool
WhiteSource today announced it has extended the reach of its tool for scanning for vulnerabilities in open source application code to include support for the Python programming language. Jeffrey Martin, director of ...

Survey: Third-Party Code Proves Vulnerable
A recent survey of 307 IT professionals conducted by Osterman Research on behalf of PerimeterX, a provider of cybersecurity tools for web applications, suggests there’s a lot of third-party code running on websites ...