The cost upsides of writing code that's as free from bugs as possible has long been known, says Veracode's Chris Wysopal, but bugs continue to plague production code. Thanks to the rise of agile programming, however, there are new opportunities to eradicate flaws during development.
For too long, ensuring that code is securely written - and bug free - has been a business afterthought. But there's been new hope for building security into the development lifecycle, thanks to the rise of DevOps, aka rugged software, says Chris Wysopal, CTO of the application security firm Veracode.
With great efficiencies and cost savings also come great threats and fraud risks. This is today's digital reality, and it is why cybersecurity and the user experience need to be aligned to create digital trust, says Scott Clements of VASCO Data Security.
Facebook says it hasn't seen ransomware spreading through its Messenger instant messaging platform despite recent reports from researchers saying that the file-encrypting Locky may have slipped through.
The success of Operation SAMBRE, a global cybercrime investigation into the theft of billions of dollars from banks throughout the world, proves why information sharing between law enforcement and the private sector is key to battling cybercrime.
President-elect Donald Trump will review the nation's cyber vulnerabilities at the start of his presidency, just like Barrack Obama did. But Trump hasn't demonstrated the deep understanding of cyber that Obama did when he took office nearly eight years ago.
Thank Mark Zuckerberg's taped-over webcam and the Paris robbery of Kim Kardashian West for waking up the average consumer to the security risks they face from using technology and social media, social engineering expert Sharon Conheady says in this audio interview.
This year, the annual Black Hat Europe conference decamps from Amsterdam to London. What's in store? Everything from mobile ransomware and quantum-resistant crypto to "ego markets" and how to turn Belkin IoT devices into launch pads for DDoS attacks.
The proposed guidance from the National Highway Traffic Safety Administration focuses on hardening a vehicle's electronic architecture against cyberattacks and to ensure vehicle systems take appropriate actions even if an attack succeeds.
There are two Yahoo conspiracy theories: It was hacked by a "state-sponsored actor," and it disabled email forwarding to prevent a post-breach exodus. Although neither scenario appears to be true, that doesn't mean the badly breached search giant is in the clear.
Neutering the army of web-connected devices used in the large internet attack that hampered access to major sites - including Amazon, PayPal, Spotify and Twitter - is technically possible. But no option offers either a great or near-term fix.
Authorities say Yevgeniy Aleksandrovich Nikulin stole credentials from a LinkedIn employee and used them to breach the social networking firm in 2012, in which well over 100 million members' passwords were exposed.
A federal watchdog agency's reviews of Minnesota's state-operated Obamacare health insurance exchange and Colorado's Medicaid eligibility and claims processing systems reveal a variety of security weaknesses that are also common among healthcare providers.