Secure Desktops with Qubes: Compartmentalization

This is the third article in my series about Qubes. In the first two articles, I gave an overview about what Qubes is and described how to install it. more>>

Android Browser Security--What You Haven't Been Told

This article focuses on flaws in Android's stock web libraries, while acknowledging related exploits. Some modern Android browsers have critically weak encryption and other dangerous flaws that cannot be patched or otherwise corrected. This weakness extends to multiple browsers and applications and is determined by the linkage to the system webcore on older OS versions. more>>

Synopsys' Coverity

The new version 8.5 of Synopsys' Coverity extends the security umbrella of the static analysis tool to mitigate a wider range of security vulnerabilities. more>>

Securing the Programmer

I have a favorite saying: "If you are a systems administrator, you have the keys to the kingdom. If you are an open-source programmer, you don't know which or how many kingdoms you have the keys to." We send our programs out into the world to be run by anyone for any purpose. Think about that: by anyone, for any purpose. more>>

NordVPN for Android

The prospect of privacy protection and occulting your smartphone's IP address with a VPN are sufficient selling points, but the ability to watch your Spanish-dubbed Turkish telenovellas while on the beach in Tahiti should seal the deal for real. more>>

An IT megatrend in progress involves the shift from legacy monolithic apps running on enterprise storage to systems of engagement that interact with users, collect real-time data from many sources and store it in elastic and shared data services. more>>

Contrast Security's Contrast Enterprise

The phrase with which Contrast Security describes the one-of-a-kind protection provided by the new Contrast Enterprise is "continuous application security". more>>

illusive networks' Deceptions Everywhere

illusive networks' bread and butter is its deception cybersecurity technology called Deceptions Everywhere whose approach is to neutralize targeted attacks and Advanced Persistent Threats by creating a deceptive layer across the entire network. more>>

SourceClear's Commit Watcher

Someone accidentally commits private AWS keys to an open-source project and ends up handing candy to a bitcoin miner. more>>

Tor Is Released

The latest version of the Tor project was released this week, offering greater security and anonymity to individuals and organizations. Here's why you should care. more>>

Stunnel Security for Oracle

Oracle has integrated modern Transport Layer Security (TLS) network encryption into its eponymous database product, and TLS usage no longer requires the Advanced Security option beginning with the 10.2 database release. more>>

SourceClear Open

Open source and DevOps have been a boon to software development. more>>

Libarchive Security Flaw Discovered

When it comes to security, everyone knows you shouldn't run executable files from an untrustworthy source. Back in the late 1990s, when web users were a little more naive, it was quite common to receive infected email messages with fake attachments. more>>

Snappy Moves to New Platforms

Canonical's Snappy package manager is taking its first steps outside the Ubuntu world. As of now, you can install it on Arch, Debian, Fedora and several other popular distros. more>>

Apricorn's Aegis Secure Key 3.0 USB Drives

Packing a mighty punch in a tiny package is the Apricorn's Aegis Secure Key 3.0 line of software-free, hardware-encrypted USB drives, which recently added a 480GB version. more>>

Syndicate content