In-brief: Google’s security team on Thursday announced the release of a new tool, OSS-Fuzz that it says will improve the security of the Internet by providing realtime, automated secruity testing of common open source components.
application security
White House Effort Yields Rating System for Software Security
In-brief: A White House-backed effort to develop a system for rating software security is set to launch at this week’s Black Hat briefings with famed hacker Peiter Zatko (aka “Mudge”) at the helm.
Developers Gorge on Open Source Amid Worries About Quality, Security
In-brief: The use of open source software is exploding, but concerns about code quality and security in the open source supply chain persist, according to a report from the firm Sonatype.
NIST Guidance takes on Cyber Physical Systems
In-brief: The National Institute for Standards and Technology (NIST) released a draft publication that recommends ways to improve the security of systems during the engineering phase, including so-called cyber physical systems on the Internet of Things.
Updated: Vulnerability on 3m Systems Could Spread Ransomware To Schools
In-brief: Researchers at Cisco Systems said that they had identified more than 3 million “at risk” application servers running a vulnerable component that has been linked to ransomware infections. More than 1,600 of those systems have already been compromised, including many school libraries. Updated to add comment from Follett Corp. PFR 4/18/2016
