by Paul Ducklin CAN YOU GET HACKED AND THEN PROSECUTED FOR IT? Cryptocurrency crimelords. Security patches for VMware, OpenSSH and OpenSSL....

by Paul Ducklin OpenSSL, probably the best-known if not the most widely-used encryption library in the world, has just release...

by Paul Ducklin Cybersecurity news, in Europe at least, is currently dominated by stories about “VMWare ESXi ransomware” that is...

by Paul Ducklin Samba, simply put, is a super-useful, mega-popular, open-source reimplementation of the networking protocols used in Microsoft Windows,...

If you’ve had the opportunity to build a search application for unstructured data (i.e., wiki, informational web sites, self-service help pages, internal documentation, etc.)...

A security company is leading coordinated vulnerability disclosure of multiple high-severity vulnerabilities in the Qualcomm Snapdragon chipset.The vulnerabilities were identified in the Unified Extensible...

The security industry collectively loses its mind when new vulnerabilities are discovered in software. OpenSSL is no exception, and two new vulnerabilities overwhelmed news...

In many cases, once a high-risk security vulnerability has been identified in a product, a bigger challenge emerges: how to identify the affected component...

In the past decade or so, open source software has become a critical component of many companies' tech stacks. The proliferation of cloud computing...

EVERGREEN, Colo., December 1, 2022 — Phylum, The Software Supply Chain Security Company, today announced the addition of Automated Vulnerability Reachability to its software...

by Paul Ducklin SPOTLIGHT ON CYBERTHREATS Security specialist John Shier tells you the “news you can really use” – how to...

by Paul Ducklin Yesterday, we wrote about the waited-for-with-bated-breath OpenSSL update that attracted many column-kilometres of media attention last week. The OpenSSL team announced in advance, as...