An international cybercrime operation responsible for a $45 million ATM heist carried out over a matter of hours is being called one of the most sophisticated digital attacks ever uncovered, the New York Times reported. Incorporating stolen payment processing information obtained through a financial transaction system software exploit and an extensive ground operation, the attack involved thousands of ATM withdrawals in more than two dozen countries
Read More »
A technique such as peer code review or even collaborative, paired coding can be an effective way to meet goals that are qualitative rather than quantitative
Read More »
In the past, operating a car wash, controlling a city's traffic light grid and running a nuclear particle accelerator might have been jobs for different days, if not entirely different careers. With Shodan, a search engine for connected devices, an enterprising person might be able to run all three in an afternoon from his or her living room
Read More »
The 2013 National Defense Authorization Act (NDAA), signed into law by President Obama on January 2, features new provisions governing software procurement, including a requirement calling for the use of automated source code analysis tools during the development process
Read More »
Software security assurance for embedded software is a big challenge. This article on embedded systems and automobile security summarizes it nicely: White hats are increasingly looking beyond PCs and data centres for security vulnerabilities that have plagued the computer industry for decades and focusing on products like cars, medical devices and electricity meters that run on tiny computers embedded in those products. For embedded software teams to become the target of hackers is a big change. While website owners and developers of cloud applications or PC software are used to all this attention from hackers,
Read More »
