In-brief: more than three years after it was first discovered, the Heartbleed vulnerability in OpenSSL continues to plague organizations worldwide. Why has it been so hard to fix? In this Industry Perspective, Patrick Carey of the firm Black Duck talks about some of the complicating factors that make vulnerabilities like Heartbleed so hard to eradicate.
In-brief: the U.S. healthcare sector is in critical condition and needs urgent, coordinated action to protect patient safety and address vulnerabilities in millions of deployed medical devices, a Congressional Task Force has concluded. (Updated with comments from Joshua Corman of Atlantic Council. PFR June 7, 2017)
In-brief: a report by the Cloud Security Alliance calls for a bottom up remake of infrastructure to support connected vehicles and warns of more, serious attacks as connected vehicles begin interacting with each other and with connected – but insecure – infrastructure.
In-brief: a survey of cyber criminal groups by Flashpoint revealed that secure messaging apps are becoming more popular, but that security isn’t the only thing motivating online criminals.
In-brief: The Online Trust Alliance, which has focused on issues related to privacy and security on the Internet of Things, is merging with The Internet Society, home of the Internet Engineering Task Force (IETF), the groups said in an announcement Wednesday.