For solutions to these and other problems please contact us at The-Techy.com
Are you a Secure Programmer?
December 27, 2019
Leave a comment
Happy New Year to those of you who read this blog, and to those folks who remember my predictions about going over 20,000 unique CVEs in 2019, I trust you may agree that 2019 was a banner year for vulnerabilities. Lucent/Alcatel are among the vendors who have CVEs that have taken us over 20,000 this year (CVE-2019-20047, 20048).
It’s time to ask yourself, are the hackers getting better at ‘hacking’ or are coders just getting worse? If we are going to examine how the last half of a decade has had more than 10,000 unique vulnerabilities each year and that number keeps increasing, we will all need to come to the conclusion that programmers just don’t know how to create programs that are secure by default!
Here is a chance for some of the best and brightest programmers to change course and learn how to avoid these vulnerabilities once and for all.
A California University (UCDavis) has created an online course that can help teach the Principles of Secure Coding. In a series of four courses, developers can learn about the fundamentals, identify vulnerabilities and walk on the wildside as they learn how to hack just like the a blackhat!
Take one, two or the set of four courses and really understand how pentesters can exploit how code works so you can learn how to avoid many of the common pitfalls. https://www.coursera.org/specializations/secure-coding-practices
Categories: General
hacking, secure coding, security
Snyk Found Over Four Times More Vulnerabilities in RHEL, Debian, and Ubuntu – DZone Security
November 17, 2019
Leave a comment
Impressive list of vulnerabilities this year and even the purchase of Redhat by IBM isn’t making the paid OS immune. Check out the docker images that are floating around and be careful when trusting someone else’s container build.
https://dzone.com/articles/snyk-found-over-four-times-more-vulnerabilities-la?fromrel=true
Categories: General
What’s in a container image: Meeting the legal challenges | Opensource.com
November 8, 2019
Leave a comment
Do you remember when you bought a license and installed your copy of windows X on a VM and didn’t think twice about it. You loaded your software and maybe setup a reoccurring backup for it and you were done right?
Nowadays, there are risks at even using that Windows license on a cloud provider other than Azure (but that is another story)
Today, running containers is the new thing and that software is open source right? Not always!
You could have more than just Vulnerability risk to worry about. Some container images can also have License risk and you could have legal troubles too!
https://opensource.com/article/18/7/whats-container-image-meeting-legal-challenges
Categories: General
Scotiabank does it again
October 12, 2019
Leave a comment
Beginning Jan. 1, 2020, the bank’s Canadian workforce will have a
total of five personal days and the flexibility to take them as needed,
in addition to existing sick and vacation days.
“Our people are our most important asset and their well-being is a
top priority for Scotiabank,” said Barbara Mason, chief human resources
officer, in a press release. “We strongly believe that by offering
employees greater flexibility to take time off to achieve greater
work-life balance, our employee population will be healthier and
happier, and therefore enabled to perform at their very best.”
Categories: General
Picard is back!
October 6, 2019
Leave a comment
… and he is teaming up with 7 of 9!
Go borg GO! This is going to be so exciting… https://twitter.com/WIRED/status/1180899318024163328?s=09
Categories: General
Debit cards and TD are in trouble (again)
September 30, 2019
Leave a comment
Toronto business owner loses $14K to technical glitch at mobile payment company.
https://www.cbc.ca/news/canada/toronto/mobile-payment-glitch-1.5300313
You may remember the post a few months ago that may be related…
Categories: General
