The cost upsides of writing code that's as free from bugs as possible has long been known, says Veracode's Chris Wysopal, but bugs continue to plague production code. Thanks to the rise of agile programming, however, there are new opportunities to eradicate flaws during development.
For too long, ensuring that code is securely written - and bug free - has been a business afterthought. But there's been new hope for building security into the development lifecycle, thanks to the rise of DevOps, aka rugged software, says Chris Wysopal, CTO of the application security firm Veracode.
With great efficiencies and cost savings also come great threats and fraud risks. This is today's digital reality, and it is why cybersecurity and the user experience need to be aligned to create digital trust, says Scott Clements of VASCO Data Security.
A researcher claims WhatsApp has dismissed his finding that there's a backdoor in the application that could allow attackers to unlock encrypted messages. But the controversy is more nuanced - and for most of us, much less threatening - than it might first appear.
Facebook says it hasn't seen ransomware spreading through its Messenger instant messaging platform despite recent reports from researchers saying that the file-encrypting Locky may have slipped through.
President-elect Donald Trump will review the nation's cyber vulnerabilities at the start of his presidency, just like Barrack Obama did. But Trump hasn't demonstrated the deep understanding of cyber that Obama did when he took office nearly eight years ago.
The proposed guidance from the National Highway Traffic Safety Administration focuses on hardening a vehicle's electronic architecture against cyberattacks and to ensure vehicle systems take appropriate actions even if an attack succeeds.
Apple's security defenses have improved dramatically in recent years, but poorly written drivers in third-party applications could provide key access to critical parts of macOS.
Neutering the army of web-connected devices used in the large internet attack that hampered access to major sites - including Amazon, PayPal, Spotify and Twitter - is technically possible. But no option offers either a great or near-term fix.
A federal watchdog agency's reviews of Minnesota's state-operated Obamacare health insurance exchange and Colorado's Medicaid eligibility and claims processing systems reveal a variety of security weaknesses that are also common among healthcare providers.
Under Australia's strict definition of a cyberattack, the country has never actually experienced one. The claim underscores ongoing questions about how to describe cybersecurity incidents.
In the face of evolving cyberthreats, organizations of all sizes need a more resilient cybersecurity architecture. Michael Kaczmarek of VeriSign describes how to achieve this resiliency.
As pressure to speed the development of applications intensifies, CISOs must be the "voice of reason," taking a leadership role in ensuring security issues are addressed early in app development process, says John Dickson, principal at Denim Group, a Texas-based security consultancy.
Electric car manufacturer Tesla has updated its firmware after researchers in China remotely turned on a vehicle's windshield wipers, opened the trunk and applied the brakes in new Model S sedans.
A developer warns that Dropbox gains wide-ranging access to Apple's OS X operating system using a SQL trick that some equate to hacking users' systems. Here's why giving a desktop app unusual access to Apple's privacy settings poses a security risk.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
