Our latest business and technology news

In the News Aug 11 2017 Computer Weekly

Russian cyber espionage group targeting hotel Wi-Fi

In the wake of the WannaCry and Petya/NotPetya attacks, it is not surprising that notorious cyber gangs are finding new ways to use the NSA’s EternalBlue exploit to support their criminal activities, said Chris Wysopal (@WeldPond), co-Founder and chief technology officer at security firm Veracode.

In the News Aug 10 2017 Information Security Buzz

Government Proposal That Could Leave UK Organisations Facing Fines Of £17 Million For Cyber Security Failures

“Over the past year, we’ve seen a significant shift concerning cybersecurity regulation and putting the responsibility for cyberattacks on organisations where inadequate cybersecurity processes were in place. Whether GDPR or the New York State Department of Financial Services Cybersecurity Regulation, the onus is now being placed on firms to maintain a minimum standard of cybersecurity and to face severe consequences if they suffer a cyberattack as a result of not meeting it.” Read more from Paul Farrington (@pfarrington_tm), Manager, EMEA Solution Architects at Veracode.

In the News Aug 10 2017 McClatchy DC

Is Alexa spying on us? We're too busy to care — and we might regret that

It’s an experience every computer or smart phone user has had. After downloading new software or an app, a window pops up with a legal agreement. At the bottom is an “I agree” button. One click, and it’s gone. Most users have no clue what they’ve agreed to. That single action can empower software developers to extract reams of personal information – such as contacts, location, and other private data – from the devices. They can then market the information. Even as privacy erodes in the digital era, little outcry arises over the digital tracking and profiling of consumers. Only slight murmurs are heard on Capitol Hill.

In the News Aug 09 2017 heise Developer

Veracode announces two features for the automation of secure software development

The HPE Application Lifecycle Manager Flaw Synchronizer plug-in makes it possible to remove security vulnerabilities at an early stage. Furthermore, it is now also possible to integrate Jenkins into Veracode’s Application Security Platform for application scans.

In the News Aug 08 2017 Engadget

Your Modern Car Might be as Vulnerable as the First iPhone

Over 10 years ago, the first iPhone burst on the scene and changed mobile computing forever. But it had a flaw: The baseband (the part that manages all the radios) on the installed Infineon chip could be exploited to run the phone on networks other than AT&T -- which was, at the time, the exclusive provider. Fast-forward to 2017 and that same chip was recently found in various Nissan Leafs built between 2011 and 2015.

In the News Aug 08 2017 SC Media UK

£17 Million Fines for CNI Companies Under Proposed EU SNIS Plans

Just as commercial companies must protect against loss of customer data under EU GDPR or face huge fines, now electricity, water, energy, banking, financial markets, transport and health infrastructure providers will also face the same fines (£17 million or up to four percent of annual turnover) if they fail to protect critical infrastructure from loss of services due to cyber-attacks.

In the News Aug 07 2017 McClatchy DC

Cyber criminals’ next deadly target: Grandpa’s pacemaker

Cyberattacks are accelerating worldwide and the U.S. health care system is dangerously unprepared to defend itself, or its patients. In the past two months, thousands of computers of the nation’s No. 3 pharmaceutical company, Merck, seized up amid a global cyberattack, cutting into production of medicines. The same rogue digital worm crippled a hospital system north of Pittsburgh, Pennsylvania. From insulin pumps and defibrillators, and on to expensive CT scanners and MRI machines, medical devices are increasingly connected to networks. Patient medical records are online. When networks go down, physicians say it is like operating in the dark.

In the News Jul 31 2017 NBC News

Hackers Were Able to Breach — and Then Rick-Roll — a Voting Machine

With the fake news scourge and bots running rampant online, Chris Wysopal (@WeldPond), chief technology officer at Veracode, said the security community can use its expertise to help.

In the News Jul 27 2017 Reuters

Flush Times for Hackers in Booming Cyber Security Job Market

The surge in far-flung and destructive cyber attacks is not good for national security, but for an increasing number of hackers and researchers, it is great for job security. Twenty or even 10 years ago, career options for technology tinkerers were mostly limited to security firms, handfuls of jobs inside mainstream companies, and in government agencies. But as tech has taken over the world, the opportunities in the security field have exploded.

In the News Jul 24 2017 CSO

Black Hat and DEF CON: The Evolution of Hacker Summer Camp

If you had to select one symbol of the cybersecurity industry, you’d be hard pressed to find a better choice than the pair of conferences, Black Hat Briefings (Black Hat) and DEF CON. The duo is known affectionately as Hacker Summer Camp by many conference goers. Much has changed since the first Black Hat in 1997 and DEF CON in 1993. Not only have the crowds swelled, but so has the very nature of digital technology.

In the News Jul 21 2017 Forbes

Decades-Old Network Protocol Puts Companies At Risk And Refuses To Die

Twenty-five years is a very long time in the world of technology. Just look at how much computers have changed since 1992, the year when Microsoft proudly launched Windows 3.1 on a 1.44MB floppy disk. Yet, some things have lingered from those early days of the internet and now put the systems we depend on at risk.

In the News Jul 18 2017 Motherboard

Senator Asks DHS To Enable Email Security Feature to Prevent Phishing

A senator who's been pushing US government agencies to adopt better cybersecurity hygiene is calling out the Department of Homeland Security for not using a standard technology that would protect people who receive emails from DHS from fraud, spam, and phishing attempts.

In the News Jul 13 2017 SC Media

Why empathy and communications skills should underpin application security teams

Veracode's Colin Domoney (@colindomoney) discusses how to build a successful application security team based on his own experiences.

In the News Jul 07 2017 itnews

Petya likely to cause Reckitt Benckiser $171m loss

International consumer goods giant Reckitt Benckiser has revealed last week's assault on its network may take a £100 million (A$171 million) bite out of the company's revenue.

In the News Jul 05 2017 IT-Daily

The most curious election hacks and the Bundestagswahl 2017

For as long as there have been elections, there have been attempts to manipulate them. Where bribery and violent intimidation were used to influence elections even in ancient Rome, digitization opens up completely new avenues for political manipulators, and they make eager use of them, as the cyber attacks before the presidential elections in the United States and France show. Are our elections in Germany in September 2017 also endangered? Julian Totzek Hallhuber (@d3v_rand0m), Solution Architect at application security specialist Veracode, presents some curious cases of political hacking and takes a closer look at the dangers for our forthcoming election.

In the News Jun 28 2017 The Associated Press

New Highly Virulent Strain of Ransomware Cripples Networks

A new, highly virulent strain of malicious software that is crippling computers globally appears to have been sown in Ukraine, where it badly hobbled much of the government and private sector on the eve of a holiday celebrating a post-Soviet constitution. The fresh cyber-assault Tuesday leveraged the same intrusion tool as a similar attack in May and proved again just how disruptive to daily life sophisticated cyber-assaults can be in this age of heavy reliance on computers.

In the News Jun 27 2017 Fortune

Everything to Know About The Latest Worldwide Ransomware Attack

Meet the sequel to WannaCry, the wide-ranging ransomware attack that crippled businesses around the globe last month. On Tuesday, another widespread ransomware attack began halting unprepared businesses in their tracks. The new attack uses the same method of propagation as WannaCry: A leaked hacking tool called Eternal Blue, which has been linked to the U.S. National Security Agency.

In the News Jun 27 2017 City A.M.

Global cyber attack hits UK firms as WPP reports hack

A massive cyber attack which has hit a number of institutions in Ukraine appears to be spreading across Europe. A number of firms, banks and government offices in Ukraine began to report attacks earlier today caused by ransomware named "Petya." London-based advertising giant WPP has reported problems with its IT systems caused by a "suspected cyber attack," as did Danish shipping group Maersk.

In the News Jun 27 2017 BBC

Many firms hit by global cyber-attacks

Firms around the globe are reporting that they have been hit by a major cyber-attack. Veteran security expert Chris Wysopal (@WeldPond) of Veracode (@Veracode) said the malware seemed to be spreading via some of the same Windows code loopholes exploited by Wannacry. Many firms did not patch those holes because Wannacry was tackled so quickly, he added.

In the News Jun 27 2017 TechBeacon

5 application security metrics that should matter to your team

As companies increasingly adopt agile development methods, many are looking for ways to improve their application security. One of the first questions they must address is how to measure progress, experts say.

In the News Jun 27 2017 The Associated Press

The Latest: Ukraine Security Expert Fears For 'Whole World'

NEW YORK (AP) -- The Latest on a widespread cyberattack that is affecting companies and government systems (all times local), featuring commentary from Veracode Co-founder and Chief Technology Officer Chris Wysopal (@WeldPond).

In the News Jun 27 2017 ZDNet

Is DevOps sustainable after the consultants leave?

Is DevOps sustainable? That's the question addressed in two recent reports. DevOps is a cultural change; it means banding together different teams within the software value chain and getting them to work in sync. There may be a positive push as the effort is first announced, with executives and professionals rallying around this new collaborative initiative. But what happens after the consultants leave, and the hoopla dies down? Will everyone continue to work together as one happy, aligned family?

In the News Jun 26 2017 Fortune

Google’s Elite Hacker SWAT Team vs. Everyone

Brash. Controversial. A guard against rising digital threats around the globe. Google’s Project Zero is securing the Internet on its own terms. Is that a problem?