Collaborate Disseminate
The recent industry shift towards DevOps makes it clear that organizations are adopting this development and operational model to facilitate the practice of automating software delivery and deployment. As a result, organizations are acknowledging that … Continue reading Correlating and Remediating Security Risks at Scale is Vital to DevOps
Survival of the Fastest Today, everything is getting faster. With social media and our smartphones, we expect immediate responses to our messages. When searching for the answer to a question, the internet can deliver it in seconds. Even Amazon’s … Continue reading Software Architecture with Shortest Time-to-Market Consideration
This research was provided by Paulo Silva and Guillaume Lopes, who are members of the Checkmarx Security Research Team. Quoting the official documentation, Solidity “is a contract-oriented, high-level language for implementing smart contracts.… Continue reading Checkmarx Research: Solidity and Smart Contracts from a Security Standpoint
Introduction Security Aspects of Android Android is a privilege-separated operating system, in which each application runs with a distinct system identity (Linux user ID and group ID). Parts of the system are also separated into distinct identities. Li… Continue reading NFC False Tag Vulnerability – CVE-2019-9295
It is often said that open source software is like a recipe. In this context, let’s discuss your grandmother’s favorite cookies. It’s quite possible your grandmother is known throughout the family as having the most famous chocolate c… Continue reading The Open Source Cookbook: A Baker’s Guide to Modern Application Development
A friend of mine offered me a Lenovo Watch X – which costs around €60 – in return for helping him with a security project. I was impressed with the design and the quality of the watch. Of course, I also immediately wanted to test its … Continue reading Your Lenovo Watch X Is Watching You & Sharing What It Learns
WebViews are very common on the Android applications. There are clear WebView security best practices, but are they being implemented? With our previous blog post in mind, Android WebView: Secure Coding Practices, we wanted to understand how secur… Continue reading Android WebView: Are Secure Coding Practices Being Followed?
Near-field communication (NFC) is a set of protocols that enables two electronic devices to establish communication by bringing them very close together. Usually the devices must be within less than 4cm. Contactless payment systems use NFC devices, inc… Continue reading NFCdrip: Data Exfiltration Research in Near Field Communication
Smart bulbs are widely known as a successful offering in home automation and IoT products, as they are internet-capable light bulbs that allow home users to customize the colors, schedule on and off times, and control them remotely. Some even play musi… Continue reading Smart Bulb Offers Light, Color, Music, and… Data Exfiltration?
Overview: Data Storage and Communication Security Swift was first introduced in 2014 at Apple’s Worldwide Developers Conference (WWDC) as the iOS, macOS, watchOS and tvOS de facto programming language. Designed by Chris Lattner and many othe… Continue reading Common Security Mistakes when Developing Swift Applications – Part I