In-brief: more than three years after it was first discovered, the Heartbleed vulnerability in OpenSSL continues to plague organizations worldwide. Why has it been so hard to fix? In this Industry Perspective, Patrick Carey of the firm Black Duck talks about some of the complicating factors that make vulnerabilities like Heartbleed so hard to eradicate.
In-brief: On Tuesday, a ransomware infection spread across Europe and even affected companies and systems as far away as the United States and Brazil. Iain Thomson at The Register breaks down the malware used in the attack, dubbed NotPetya because it disguises itself as the Petya ransomware, although in the end it seems it was designed to wreak havoc, not collect money.
Fast spreading ransomware dubbed Petya has crippled parts of Ukraine and hit companies in The Netherlands, France, Russia and Spain. It appears to be spreading using a combination of software exploit and stolen passwords.
In-brief: After seeding the globe with hackable DVRs and webcams, Zhejiang Dahua Technology Co., Ltd. of Hangzhou, China will be working with the U.S. firm Synopsys to “enhance the security of its Internet of Things (IoT) devices and solutions.”
In-brief: data from the firm BitSight finds a link between outdated web browser and operating system software and headline-grabbing breaches. Are we surprised?