Category Archives: Software

Best practices and challenges in adopting continuous software testing

Businesses must accelerate the shift to comprehensive continuous software testing in order to remain competitive, according to a report released by Capgemini and Broadcom. The report, based on a survey of 500 senior decision makers in corporate IT reveals that most businesses find it challenging to adapt their quality assurance and testing processes to the Agile way of working. The crux of the challenge is that organizations find it difficult to frequently deploy a large … More

The post Best practices and challenges in adopting continuous software testing appeared first on Help Net Security.

Insulating your business from COVID-19 impacts

COVID-19 is spreading rapidly across the planet. More and more of your employees and customers are becoming anxious about personal impacts and disruption. Fewer people are attending events or leaving their home to conduct business. Fewer employees are interacting in-person with customers or business partners. How can you use information technology to insulate your business…

Hospitals are deploying virtual care apps in a matter of days, exposing them to more cyber attacks

The coronavirus has forced hospitals to fight an uphill battle on multiple fronts, and as they scramble to establish virtual healthcare solutions to minimize the strain on other resources, they’re becoming prime targets for hackers looking to capitalize on the chaos.

While many migrate security tools to the cloud, concerns remain

While many companies are beginning to migrate security tools to the cloud, a significant number have concerns, a survey by Exabeam reveals. The survey highlights data privacy, unauthorized access, server outages and integration as key concerns. Not everyone has migrated to the cloud yet The survey shows a mixed picture when it comes to firms migrating security tools to the cloud. While just over half of respondents (52 percent) began migrating to cloud-based security products … More

The post While many migrate security tools to the cloud, concerns remain appeared first on Help Net Security.

Github acquires npm to aid JavaScript developers

The Microsoft-owned Github this week announced that is has acquired npm, a company with a large registry of JavaScript packages.

Nat Friedman, Github’s chief executive officer, who made the announcement in a blog post, wrote that npm’s place in the open-source community and their extensive registry of JavaScript packages was a key reason for the purchase.

“npm is a critical part of the JavaScript world. The work of the npm team over the last 10 years, and the contributions of hundreds of thousands of open source developers and maintainers, have made npm home to over 1.3 million packages with 75 billion downloads a month. Together, they’ve helped JavaScript become the largest developer ecosystem in the world,” wrote Friedman. “We at GitHub are honored to be part of the next chapter of npm’s story and to help npm continue to scale to meet the needs of the fast-growing JavaScript community.”

Microsoft is just one of many tech companies who have increased their focus on open-source in recent years, following the belief that by turning to an open-source strategy, they will attract more developers.

That belief appears to jive with some recent statistics. A 2019 study sponsored by Red Hat said that 69 per cent of IT leaders believed open-source to be very important to business and 68 per cent said they had increased their usage of open-source in the 12 months preceding the study.

Friedman went on to explain that their three biggest goals, once the deal finalizes, will be to invest in the registry infrastructure and platform, improve the core experience, and engage with the community.

Existing paying customers who already use npm Pro, Teams, and Enterprise to host private registries will experience no service changes.

Friedman also noted that the company will be heavily investing in GitHub packages as a multi-language packages registry full integrated with GitHub and later this year they will be enabling npm paying customers to move their private npm packages to GitHub Packages.

Trend Micro fixes two actively exploited zero-days in enterprise products

Trend Micro has fixed two actively exploited zero-day vulnerabilities in its Apex One and OfficeScan XG enterprise security products, and advises customers to update to the latest software versions as soon as possible. About the vulnerabilities The two zero-days are: CVE-2020-8467, a critical flaw in the migration tool component of the two solutions that could allow remote attackers to execute arbitrary code on affected installations CVE-2020-8468, a high-risk content validation escape vulnerability affecting Apex One … More

The post Trend Micro fixes two actively exploited zero-days in enterprise products appeared first on Help Net Security.

Only a select few are allowed to build apps related to COVID-19, says Apple

As the world fights COVID-19 pandemic, communities around the world are trusting apps to be their news sources and Apple says it’s working hard to ensure the credibility of health and safety information. The company says it’s evaluating apps related to COVID-19 critically to make sure that the developers presenting the apps are from recognized…

Maple launches free online screening and consultation solution in response to COVID-19

While health officials do their best to provide answers to the public about COVID-19, virtual healthcare solutions provider Maple is doing what it can to quell those concerns by launching a free online screening tool and access to a live doctor for residents of Ontario.

Starting March 17, Ontario residents with a valid health card will be able to access these consultations from and speak to a doctor through either an audio or video channel to discuss their symptoms and whether or not they should go for further testing or treatment. The solution is covered by OHIP and will be accessible from here.

Following the appointment, people can have their results faxed over to their family physician or a local screening centre for next steps.

“Connecting concerned patients, who are receiving conflicting information from every angle, with licensed Canadian doctors from the safety of their homes is simply the right thing to do,” said Dr. Brett Belchetz, the chief executive officer and co-founder of Maple, in a press release. “We’re already seeing a strong increase in the need for virtual health services across the country. We hope that in the coming weeks, other provincial governments will follow Ontario’s example and open billing codes to allow video or telephone programs to expand across the country. It’s the best way to ensure safe access to healthcare in this time of self-isolation and social distancing.”

This is not yet available in other provinces due to healthcare plan laws and regulations not allowing for physicians to bill for online appointments, the company noted.

Maple will also provide its virtual clinic software to all Ontario and B.C. physicians at no charge.

Most computers easy to hack due to vulnerability in memory chips

Most computer systems are still very easy to hack, due to a vulnerability in memory chips produced by Samsung, Micron and Hynix, according to a study by researchers from VUSec of the Vrije Universiteit Amsterdam. The vulnerability in question is called Rowhammer, a design flaw in the internal memory (DRAM) chips of a device that creates the vulnerability. By exploiting the error, an attacker could gain control of a device. Rowhammer was made public eight … More

The post Most computers easy to hack due to vulnerability in memory chips appeared first on Help Net Security.

I’m still on Windows 7 – what should I do?

Support for Windows 7 has ended, leaving Marcy wondering how they can protect themselves

I do a lot of work on a Windows 7 desktop PC that is about five years old. I’m a widow and can’t afford to run out and get a new PC at this time, or pay for Windows 10. If I do stay with Windows 7, what should I worry about, and how can I protect myself? I have been running Kaspersky Total Security for several years, which has worked well so far. Marcy

Microsoft Windows 7 – launched in 2009 – came to the end of its supported life on Tuesday. Despite Microsoft’s repeated warnings to Windows 7 users, there may still be a couple of hundred million users, many of them in businesses. What should people do next?

Continue reading...