Good news ! Hackbusters community is waiting for you !  https://discuss.hackbusters.com
KnowBe4 has been running the HackBusters site for a few years now, providing you with trending IT security news. We are expanding it and have launched a new exciting online community! The forum is divided into four main topics or categories: Social Engineering, Ransomware, Phishing and Security Awareness Training. You are invited to be one of the first to join us at: https://discuss.hackbusters.com.

Training Developers to Defend Against Software Attacks -

Blog7
Security Bugs – “The Root of all Evil”

by Paul Ionescu, Security Architect

Looking back at some of the famous security breaches of 2017 we find that they have been caused by software bugs.

The WannaCry attack which impacted computers in 150 countries for an estimated cost of $4 billion used a memory flaw in the Windows File Sharing protocol.

The Equifax breach which exposed the personal data of 143 million Americans, was conducted using a deserialization vulnerability in the Apache Struts library.

The challenge with security bugs is that they are many times not perceived as quality issues, since from the developer or tester point of view, the software is working. There is an unexpected behavior that is uncovered by an attacker, which leads to the vulnerability.

This characteristic of security bugs can cause some developers to even contest that security issues are defects. To better understand that perception an analogy could be made by thinking of developers as house builders...(continued)

View All Trending Stories