Security

The Linux Foundation and the Open Source Software Security Foundation brought together over 90 executives from 37 companies and government leaders from the NSC, ONCD, CISA, NIST, DOE, and OMB to reach a consensus on key actions to take to improve the resiliency and security of open-source software.

Without a detailed accounting of open-source code running within their software, companies have no way to monitor software policies, licenses, vulnerabilities, and versions. That means IT departments are clueless about the overall health of the open-source components they use.

Computer security only happens when software is kept up to date. That should be a basic tenet for business users and IT departments. Apparently, it isn’t. At least for some Linux users who ignore installing patches, critical or otherwise.

In this edition of the latest open-source industry news: Linux Foundation partners add free security classes; Appwrite garners seed money and hands-on community members; Ubuntu's pending new arrival; new releases from Deepin and Modicia.

Exclusive Interview with Appdome CEO Tom Tovar about no-code technology, the state of mobile app security and fraud prevention.

Two key open-source projects already help maintain data observability issues; be sure you do not get stuck with a Dirty Pipe situation; human errors are a major culprit in successful cybersecurity breakdowns; and Wind River's latest release.

Foundries.io and Arduino are joining forces to make embedded Linux-powered internet of things and edge computing devices more secure. The deal will combine technological innovations with Foundries' cloud-native development and deployment enterprise solutions for secure IoT and edge devices. Those so...

The modern attack surface has grown too large and complex for security professionals to manage using traditional, manual approaches to the asset lifecycle.

Old-time Linux is back again. It is not uncommon for open-source software to stop in its tracks. Community and team-based projects sometimes lose developers, enthusiasm, or funding. Hundreds of Linux distributions exist. Some come and go all the time, often unnoticed. Usually, others take their plac...

Launched under the name Developer Tools, 1Password declared the new features will help developers easily and securely generate, manage and access secrets in their normal workflows. The tools will also help simplify complex processes and improve security

Stand-alone automation platforms and low-code software tools in recent years enable vendors to increase sales of products designed for specific roles and functions directly to business users. Often, this puts IT management at arm's length from enforcing governance and security standards.

Government agencies have discovered a deadlier new home and office network device killer malware that replaces weaker VPNFilter code. U.S. and U.K. governments published a joint report Wednesday detailing a new malware strain developed by Russia's military cyber unit deployed in the wild since 2019....

New developments this month include a key acquisition to bolster and expand cloud computing. Keeper Security takes a big step toward integrating better security and cloud encryption architecture. Also significant is StormForge's release this month of a new solution for cloud environments with machin...

Brace yourself, 2022 promises to bring expanded cyber confrontations as ransomware attacks gain the high ground. A dangerous increase in ransomware attacks last year caused devastating compromises to government organizations, critical infrastructure, and businesses. Much of the increase resulted fro...