
Are you a Secure Programmer?

December 27, 2019

Happy New Year to those of you who read this blog. To those folks who remember my predictions about going over 20,000 unique CVEs in 2019, I trust you may agree that 2019 was a banner year for vulnerabilities. Lucent/Alcatel are among the vendors who have CVEs that have taken us over 20,000 this year (CVE-2019-20047, 20048).

It’s time to ask yourself, are the hackers getting better at ‘hacking’ or are coders just getting worse? If we are going to examine how the last half of a decade has had more than 10,000 unique vulnerabilities each year and that number keeps increasing, we will all need to come to the conclusion that programmers just don’t know how to create programs that are secure by default!

Here is a chance for some of the best and brightest programmers to change course and learn how to avoid these vulnerabilities once and for all.

A California university (UC Davis) has created an online course that can help teach the Principles of Secure Coding. In a series of four courses, developers can learn about the fundamentals, identify vulnerabilities and walk on the wild side as they learn how to hack just like a blackhat!

Take one, two or the set of four courses and really understand how pentesters can exploit how code works so you can learn how to avoid many of the common pitfalls. https://www.coursera.org/specializations/secure-coding-practices

Categories: General

OMG, I use that site!

November 20, 2019

In what is clearly becoming so sad it is now funny, another popular online store was hijacked. Macy’s fell victim to a third-party inclusion vulnerability and, like so many big retailers before them, some of you may be victims of the scourge of the Magecart gang.

Not even the FBI can help these retailers (or more likely they don’t listen or don’t care) as more and more of them unwittingly become infected.

Cybersecurity is now becoming the most important thing to worry about as a service provider AND as an online shopper. Be careful where you tread…

More details are available from Bleeping Computer.

Categories: General

Snyk Found Over Four Times More Vulnerabilities in RHEL, Debian, and Ubuntu – DZone Security

November 17, 2019

Impressive list of vulnerabilities this year, and even the purchase of Red Hat by IBM isn’t making the paid OS immune. Check out the Docker images that are floating around and be careful when trusting someone else’s container build.

https://dzone.com/articles/snyk-found-over-four-times-more-vulnerabilities-la?fromrel=true

Categories: General

What’s in a container image: Meeting the legal challenges | Opensource.com

November 8, 2019

Do you remember when you bought a license and installed your copy of Windows X on a VM and didn’t think twice about it? You loaded your software and maybe set up a recurring backup for it and you were done, right?

Nowadays, there are risks in even using that Windows license on a cloud provider other than Azure (but that is another story).

Today, running containers is the new thing and that software is open source, right? Not always!

You could have more than just vulnerability risk to worry about. Some container images can also have license risk and you could have legal troubles too!

https://opensource.com/article/18/7/whats-container-image-meeting-legal-challenges

Categories: General

Scotiabank does it again

October 12, 2019

Beginning Jan. 1, 2020, the bank’s Canadian workforce will have a
total of five personal days and the flexibility to take them as needed,
in addition to existing sick and vacation days.

“Our people are our most important asset and their well-being is a
top priority for Scotiabank,” said Barbara Mason, chief human resources
officer, in a press release. “We strongly believe that by offering
employees greater flexibility to take time off to achieve greater
work-life balance, our employee population will be healthier and
happier, and therefore enabled to perform at their very best.”

Categories: General

Picard is back!

October 6, 2019

… and he is teaming up with 7 of 9!

Go borg GO! This is going to be so exciting… https://twitter.com/WIRED/status/1180899318024163328?s=09

Categories: General

Debit cards and TD are in trouble (again)

September 30, 2019

Toronto business owner loses $14K to technical glitch at mobile payment company.
https://www.cbc.ca/news/canada/toronto/mobile-payment-glitch-1.5300313

You may remember the post a few months ago that may be related…

https://www.cbc.ca/news/canada/nova-scotia/spotify-charges-debit-account-unauthorized-withdrawals-1.5206053

Categories: General