As an experiment, researchers at the University of Bonn posed as a client trying to develop software. They hired 43 freelance software developers from Freelancer.com for either 100 Euros or 200 Euros. They asked the freelancers to develop a small part of a fictitious web site, the site’s registration system. Since this was a university […]
Continue reading → [DISPLAY_ACURAX_ICONS]Lets assume your company uses Box Enterprise – just as an example. And then assume that your employees create a file or a folder and want to share it with someone, so they create a link. In the case of Box, the link URLs can be randomly generated or created by the user. A little […]
Continue reading → [DISPLAY_ACURAX_ICONS]Commerce Department Wants Companies to Publish Ingredients of their Software The Commerce Department is trolling around the RSA conference trying to get companies to publish the ingredients in their software – the so called bill of materials that I have written about before – so that users can understand what libraries are being loaded. The […]
Continue reading → [DISPLAY_ACURAX_ICONS]As people use their mobile devices as what one friend used to call a “pocket super computer” as opposed to something where you dial 7 digits (remember that) and talk to someone, hackers have figured out that the new attack vector is your phone. In part, this is due to the fact that finally, after […]
Continue reading → [DISPLAY_ACURAX_ICONS]Last Week Microsoft Announced Microsoft Azure Sentinel, a cloud based Security Information and Event Management System (SIEM) and a Threat Hunting and Analysis Service called Microsoft Threat Experts. As Ray and I discussed on a recent video, available on Youtube, the best outcome of that announcement is if Google and Amazon make a similar announcement. […]
Continue reading → [DISPLAY_ACURAX_ICONS]Adobe seems to have trouble catching a break sometimes, Today they released an emergency patch for a vulnerability in the Cold Fusion application that Adobe bought in 2005. The bug allows an attacker to bypass the file upload restrictions, allowing an attacker to upload a malicious executable and then get the target system to execute […]
Continue reading → [DISPLAY_ACURAX_ICONS]