Java Crypto Bug Allows Forging of Signatures, Certificates
A critical bug in Java's implementation of ECDSA (CVE-2022-21449) can allow an attacker to forge a signature or certificate to...
He is one of the co-founders of Threatpost and previously wrote for TechTarget and eWeek, when magazines were still a thing that existed. Dennis enjoys finding the stories behind the headlines and digging into the motivations and thinking of both defenders and attackers. His work has appeared in The Boston Globe, The Improper Bostonian, Harvard Business School’s Working Knowledge, and most of his kids’ English papers.
A critical bug in Java's implementation of ECDSA (CVE-2022-21449) can allow an attacker to forge a signature or certificate to...
The U.S. government and military is looking to attract and retain more talented cyber operators to keep pace with the evolving...
The U.S. has indicted four Russians it alleges are affiliated with the FSB and GRU units responsible for the Triton and...
GitHub is opening is security Advisory Database to contributions to the community, allowing new research and improvements to help secure the software supply chain.
The FBI is forming a new Virtual Asset Exploitation unit to trace cryptocurrency crimes and ransomware profits.
Chris Eng, chief research officer at Veracode, recently joined Dennis Fisher on the Decipher podcast to talk about the company's new State of Software Security report and trends in enterprise security.
A remotely exploitable stack overflow (CVE-2022-0435) in the TIPC module of the Linux kernel has been patched.
Chris Eng of Veracode joins Dennis Fisher to talk about the company's new State of Software Security report and what's driving the increase in enterprises scanning their apps for vulnerabilities.