In-brief: The use of open source software is exploding, but concerns about code quality and security in the open source supply chain persist, according to a report from the firm Sonatype.
open source
DNS-Linked Flaw Leaves Many Systems Vulnerable
In-brief: Researchers at Google are warning about a previously undetected flaw in a widely used open source library could be exploited by attacks using overly long web domain names.
Linux Kernel Flaw Reaches Into Internet of Things
In-brief: Software updates were released to address a serious and exploitable security flaw in the Linux kernel on Tuesday. The issue, in a feature called keyring, could impact embedded systems as well as mobile devices.
Podcast: Craig Smith of OpenGarages on Vehicle Security and GM’s Bug Bounty
In-brief: In this podcast, Paul speaks with Craig Smith of Open Garages on GM’s bounty program, the state of connected vehicle security, and what the auto industry can learn from open source.
Firm Finds Crypto Keys Recycled on Thousands of Devices
In-brief: Encryption keys used to secure data on- and communications between embedded devices are being recycled, creating a huge vulnerability that malicious hackers could exploit to snoop on sensitive communications or impersonate devices.
