A Message From Our CEO: Checkmarx’s Acquisition & The Road Ahead

We are all living in unconventional and unprecedented times. The entire world is adjusting to the rapidly-changing dynamics brought on by Coronavirus (COVID-19). Here at Checkmarx, we are taking deliberate and preventative measures to protect our globa…

Eclypsium Researchers Demonstrate Direct Memory Attacks

Researchers from Eclypsium, a provider of secure firmware, disclosed this week that they have been able to launch successful direct memory access (DMA) attacks that bypass security frameworks such as UEFI Secure Boot, Intel Boot Guard, HP Sure Start a…

Zoom Bug Could Have Let Uninvited People Join Private Meetings

If you use Zoom to host your remote online meetings, you need to read this piece carefully.

The massively popular video conferencing software has patched a security loophole that could have allowed anyone to remotely eavesdrop on unprotected active me…

Latest Microsoft Update Patches New Windows 0-Day Under Active Attack

With its latest and last Patch Tuesday for 2019, Microsoft is warning billions of its users of a new Windows zero-day vulnerability that attackers are actively exploiting in the wild in combination with a Chrome exploit to take remote control over vuln…

Kotlin Guide: Why We Need Mobile Application Secure Coding Practices

October is the annual National Cybersecurity Awareness Month (NCSAM), which is promoted by the U.S. Department of Homeland Security and the National Initiative for Cybersecurity Careers and Studies (NICCS). According to the NICCS, “Held every Oct…

Becoming Optimus Prime Within Your AppSec Initiatives

When I was a child, I didn’t dream of becoming a legendary football player or a rock star. My dream was to become a Transformer: specifically Optimus Prime. I am sure some of you in the audience shared the same dream. As you can probably guess, u…

Why Software Composition Analysis (SCA) Demands Precision

As leaders in software composition analysis (SCA), we know its role throughout today’s software supply chain.
SCA was born out of necessity. How else could innovators discover, identify, and track open source software (OSS) components within…

Zoom RCE Flaw Also Affects Its Rebranded Versions RingCentral and Zhumu

The same security vulnerabilities that were recently reported in Zoom for macOS also affect two other popular video conferencing applications that, under the hood, are just rebranded versions of the Zoom video conferencing software.

Security researchers confi…

The Open Source Cookbook: A Baker’s Guide to Modern Application Development

It is often said that open source software is like a recipe. In this context, let’s discuss your grandmother’s favorite cookies. It’s quite possible your grandmother is known throughout the family as having the most famous chocolate c…