Tags product development
Hackers try to bug PHP programming language in supply chain cautionary tale
79% of websites use PHP, according to one estimate.
Trump taps DOE veteran to head Homeland Security research arm
President Trump plans to nominate William Bryan, an experienced critical infrastructure specialist, to lead the Department of Homeland Security's R&D arm.
Widespread ‘Zip Slip’ vulnerability affects AWS, HP tools, researchers say
A new widespread vulnerability that lets an attacker execute remote code affects Web development tools offered by Amazon Web Services, HP, and other companies, according to secure-coding startup Snyk.
In war against botnets, manufacturers need to step up, report says
Zombie computer armies are also too easy for attackers to assemble, the tools to mitigate them are too seldom employed, and the market hasn't given companies much reason to try harder, the federal government says.
DARPA is looking to avoid another version of Meltdown or Spectre
The Pentagon's R&D wing has contracted Tortuga Logic to develop hardware security tools that use commercial testing platforms to catch vulnerabilities in computer chips.
The bug bounty market has some flaws of its own
Inflated bounties might be creating perverse incentives for young cybersecurity researchers and distorting the market for white-hat bug hunters.