In this week’s episode of the podcast (#168), sponsored by Signal Sciences, Chris Eng of Veracode joins us to talk about the 10th annual State of Software Security Report and the problem of application security debt. Also, Brendan Macaraeg of Signal Sciences talks about the expanding landscape of web application attacks and defenses.
New malware, LoadPCBanker, is leveraging Google’s Sites to spread via drive-by download attacks, according to a new report. Companies are advised to block uploads and downloads from the service.
Distil Network’s annual assessment of bad bots, “Bad Bot Report 2019: The Bot Arms Race Continues,” found that bad bots accounted for one in five website requests in 2018, or 20.4 percent of web traffic.
In our latest podcast: industrial security expert Joe Weiss talks to us about Triton, a new malware family targeting industrial safety systems. Also: Dave Aitel of the firm Immunity Inc. joins us again to talk about new legislation banning government agencies from using anti malware software by Kaspersky Lab. And, Alan Naumann* of the firm Contrast Security talks to us about the major insurance firm that joined the latest round of investment in his company, and why application security is everybody’s problem.
In-brief: Is there cause for hope? A new analysis of a connected power drill by a researcher at DUO Security finds that it’s actually pretty secure. But challenges remain for connected device makers.
