Latest OpenSSL version is affected by a remote memory corruption flaw
Expert discovered a remote memory-corruption vulnerability affecting the latest version of the OpenSSL library. Security expert Guido …
Open Source Software
OpenSSL to Release Security Patch for Remote Memory Corruption Vulnerability
The latest version of the OpenSSL library has been discovered as susceptible to a remote memory-corruption vulnerability on select systems. …
OpenSSL 3.0.5 awaits release to fix potential worse-than-Heartbleed flaw
The latest version of OpenSSL v3, a widely used open-source library for secure networking using the Transport Layer Security (TLS) …
Software Supply Chain Compliance with Aqua’s Chain-Bench
We can all agree today that we really need to know what’s what with your software supply chain. If you don’t know why I recommend you …
OpenSSL issues a bugfix for the previous bugfix
If you’re an OpenSSL user, you’re probably aware of the most recent high-profile bugfix release, which came out back in March 2022. …
Eclipse Plunges into OSS Supply Chain Security
The Eclipse Foundation will be getting more hands-on in helping to secure the open source software supply chain after accepting a …
iPaaS: The latest enterprise cybersecurity risk?
iPaaS apps are vulnerable because they transport highly sensitive data from core systems, include many different third-party apps in the …
Classifying Severity Levels for Your Organization
Working with previously defined severity levels helps on-call teams to quickly triage major issues. As we have seen in this post, each …
Applying Zero Trust Security to Kubernetes Via Service Mesh
Earlier this year, the White House issued an Executive Order on Improving the Nation’s Cyber Security, which laid the groundwork for …
How Web Assembly Can Mitigate the Software Supply Chain Crisis
The definition of insanity, according to no less than the insightful mind of Albert Einstein, is doing the same thing over and over and …
7-Zip gets Mark of the Web feature, increases protection for users
One of the most popular zip programs around, 7-Zip, now offers support for “Mark of the Web” (MOTW), which gives users better …
Open Source Software Security Begins to Mature
Only about half of firms have an open source software security policy in place to guide developers in the use of components and frameworks, …
Zero Trust Infrastructure for Kubernetes
Zero trust security is the buzzword on everyone’s lips today — and for good reason. While the security model has been gaining traction …
Q&A: What Is Zero Trust?
Zero trust is a security philosophy, not a set of specific best practices or a checklist for security teams to follow. As cyberattacks have …