Lawmaker to HHS: Label software in medical devices
A national effort is needed to ensure that the owners and operators of medical devices, hospital IT networks and electronic health records management systems can find out what software and other technologies are in the products they are buying.
China hides homegrown hacks from its vulnerability disclosure process
New research shows that Chinese vulnerability disclosure process is stalled if the flaws are linked to hacking groups with Chinese ties.
'Eavesdropper' vulnerability strikes hundreds of mobile apps using Twilio
Careless coding by mobile developers using Twilio's API has left hundreds of enterprise communication apps vulnerable to snooping and monitoring.
New OWASP Top 10 includes Apache Struts-type vulns, XXE and poor logging
The latest draft version of the list, a replacement for the draft that caused such pushback earlier this year, includes three new categories of security flaws.
China's vulnerability disclosure system twice as fast as U.S. version
China’s National Vulnerability Database works more than twice as fast on average as its U.S. counterpart, according to new research.
Severe weakness in Wi-Fi security gives hackers wide access to eavesdrop
"This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on."