Mitigating Software Vulnerabilities at Microsoft Over the Last 20+ Years
At BlueHat IL 2019, Microsoft engineer Matt Miller described how the software vulnerability landscape has evolved over the last 20+ years …
Metasploit Framework 5.0 Released With New Evasion Modules, Database and Languages Support
Metasploit 5.0 released with new evasion module, libraries, database, automation APIs, libraries and extended language support. Metasploit …
Presentation: Securing Microservices in Hybrid Cloud
Komes Subramaniam introduces T-Mobile’s Authentication and Authorization Process (TAAP), presenting how it works and what are the …
Presentation: Reactive Spring Security 5.1 by Example
Rob Winch demos applying Spring Security to a reactive application, highlighting some of the new features in Spring Security …
Presentation: Securing Spring Functions by Breaking In
Realtime chat has become a common feature of modern applications. These days not only communicators and social networks allow users to talk …
British Airways Data Breach Conducted via Malicious JavaScript Injection
British Airways have reported two substantial data breaches this year, initially reporting in September the compromise of 244,000 credit …
Python is Now World’s Most Used Coding Language By Hackers to Create Cyber Weapons
Python’s advantages which makes it a popular python hacking tool, reads Imperva report. With Github under every security-related topic …
Checked C Extends LLVM to Bring Spatial Memory Safety to C
Checked C is an open, collaborative project led by Microsoft Research aimed to extend the C language so programmers can write more reliable …
RIP “crypto”
This week veteran cryptographer Matt Blaze, finally gave in — to what must have been a near-constant, low-level drone of ‘CAn Buy Crypto.com???$$$$!’ spam — and sold the pithy domain name he registered in 1993, …
Presentation: Gaining Control with the Web Animations API
Dan Wilson talks about the Web Animations API, how this new JavaScript API came to be and how it compares to the alternate ways to animate …
Presentation: Spring Security 5: The Reactive Parts
Rob Winch demonstrates using the reactive support in Spring Security 5, starting with a simple application and incrementally securing it, …
Last Npm Incident Uncovers Security Vulnerability
Last week, the npm registry had an operations incident that caused a number of highly depended on packages, such as to become unavailable. …
Redpoint Games Launch NPM Package Signing Tool
Redpoint have launched pkgsign, a package signing and verification tool for NPM. It aims to improve security by helping ensure the …
Language bugs infest downstream software, fuzzer finds
Developers working in secure development guidelines can still be bitten by upstream bugs in the languages they use. That’s the conclusion …
Overcoming the Language Barrier Key to DevSecOps Success
As DevOps moves to DevSecOps, there is a significant “people” component involved in the shift. Development and security teams both need …
Presentation: Cybercrime and the Developer: How to Start Defending Against the Darker Side
Steve Poole discusses actions one can take (and some behaviors one must change) to create a more secure Java application for the …
NPM Releases New Security Features
Today at the Node.js Interactive conference in Vancouver, BC, npm, Inc. announced the launch of new security features meant to keep the npm Registry …
W3C Publishes DRM as a Recommendation
After a divided vote, the World Wide Web Consortium (W3C) has adopted Encrypted Media Extensions as a…