Category: DEVSEC

Microsoft Buys jClarity to Jolt Java Support in Azure

The jClarity team has been a contributor to the AdoptOpenJDK project that helps users build…Read More »© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral’s Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed [ … ]

Many Apache Struts Security Advisories Updated Following Review

Two dozen security advisories for the Apache Struts open source development framework have been updated after researchers determined that they contained incorrect information regarding which versions of the software were impacted by a vulnerability. read more http://feedproxy.google.com/~r/Securityweek/~3/E7BdFJ8P-lA/many-apache-struts-security-advisories-updated-following-review

Trolldesh Ransomware Dropper

Over the past few weeks, we’ve seen an increase in Troldesh ransomware using compromised websites as intermediary malware distributors. The malware often uses a PHP file that acts as a delivery tool for downloading the host malware dropper: hxxp://doolaekhun[.]com/cgi-bin/[redacted].php This [ … ]

Facebook sues two app developers for click fraud

Facebook has filed a lawsuit today against two Android app developers for infecting their users with malware that faked clicks on ads. Both the Hong Kong-based JediMobi and the Singapore-based LionMobi were a part of the social media giant’s Audience [ … ]

No love lost between security specialists and developers

GitLab finds 68% of security professionals feel that less than half of developers can spot security vulnerabilities, but most people feel it’s a programmer’s job to write secure code. https://www.zdnet.com/article/no-love-lost-between-security-specialists-and-developers/#ftag=RSSbaffb68