Category: DEVSEC

Best practices for secure application development

Application security is your best defense against the hackers who want your organization’s data. Here are best practices for secure application development. The post Best practices for secure application development appeared first on Software Integrity Blog. https://www.synopsys.com/blogs/software-security/secure-application-development-best-practices/

Exploring a Recent Magnitude Exploit Kit Sample

FortiGuard Labs recently discovered a Magnitude Exploit Kit sample targeting South Korea that uses a technique with VBScript to load the .NET assembly from memory. Read our analysis to learn more. http://feedproxy.google.com/~r/fortinet/blogs/~3/gQcX0v1g5e8/magnitude-exploit-kit-sample-analysis.html

Measuring the Security of IoT Devices

In August, CyberITL completed a large-scale survey of software security practices in the IoT environment, by looking at the compiled software. Data Collected: 22 Vendors 1,294 Products 4,956 Firmware versions 3,333,411 Binaries analyzed Date range of data: 2003-03-24 to 2019-01-24 [ … ]

PHP update fixes arbitrary code execution flaw, 9 other bugs

The Center for Internet Security’s Multi-State Information Sharing and Analysis Center (MS-ISAC) on Friday issued a security advisory urging developers to upgrade to the latest version of PHP in order to patch an arbitrary code execution vulnerability that was found [ … ]

MS-ISAC Releases Advisory on PHP Vulnerability

Original release date: September 27, 2019The Multi-State Information Sharing & Analysis Center (MS-ISAC) has released an advisory on a vulnerability in Hypertext Preprocessor (PHP). An attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and [ … ]