The Latest in IT Security

Posts Tagged ‘open source’

Heartbleed is a vulnerability that came to light in April of 2014; it allowed attackers unprecedented access to sensitive information, and it was present on thousands of web servers, including those running major sites like Yahoo. Heartbleed was caused by a flaw in OpenSSL, an open source code library that implemented the Transport Layer Security […]

Read more ...

Although third-party software libraries represent a majority of an application’s code, they account for less than seven percent of application vulnerabilities. Typically, applications contain both custom code – the code developed by an organization – and third-party libraries.

Read more ...

A recent vulnerability found in the open-source ImageMagick library used by Yahoo! to process images could have allowed attackers to view image email attachments. After being reported by security researcher Chris Evans, Yahoo! retired the library and rewarded Evans a $14,000 bounty.

Read more ...





Latest Comments

Social Networks