News
Open source software
-
January 11, 2023
11
Jan'23
Should we be worried about malicious use of AI language models?
WithSecure research into GPT-3 language models, used by the likes of ChatGPT, surfaces concerning findings about how easy it is to use large language models for malicious purposes. Should security teams be concerned?
-
December 20, 2022
20
Dec'22
Top 10 software development stories of 2022
We look at how software development has adapted to the changing economic climate over the past 12 months
-
December 19, 2022
19
Dec'22
GitHub CEO: Artificial intelligence will not replace developers
Artificial intelligence will enable developers to learn at their own pace and become more productive rather than take over their jobs, says GitHub CEO Thomas Dohmke
-
December 09, 2022
09
Dec'22
Iranian APT seen exploiting GitHub repository as C2 mechanism
A subgroup of the Iran-linked Cobalt Mirage APT group has been caught taking advantage of the GitHub open source project as a means to operate its latest custom malware
-
December 07, 2022
07
Dec'22
Google, MS, Oracle vulnerabilities make November ’22 a big month for patching
Vulnerabilities affecting the likes of Google, Microsoft and Oracle proved particularly troublesome in November
-
December 05, 2022
05
Dec'22
How HashiCorp is driving cloud provisioning and management
HashiCorp CEO Dave McJannet talks up how the company is supporting cloud provisioning in a hybrid environment and its investments in Asia-Pacific to capitalise on the region’s growth potential
-
November 29, 2022
29
Nov'22
Cyber criminals exploiting naked TikTok ‘challenge’
Malware operators lured targets by promising them they would be able to view nude videos of TikTok users
-
November 22, 2022
22
Nov'22
How Singapore’s OCBC is harnessing open source
OCBC using the OpenShift container platform to modernise its applications, reduce its reliance on proprietary software and deliver new business capabilities
-
November 03, 2022
03
Nov'22
Russia risks shortage of PCs and software
Russian consumers and businesses could face a shortage of IT equipment including PCs and software
-
November 02, 2022
02
Nov'22
OpenSSL vulnerabilities ‘not as bad as feared’
As previously trailed, OpenSSL patched two buffer overflow vulnerabilities, neither of them as impactful as had been feared
-
October 31, 2022
31
Oct'22
Prepare today for potentially high-impact OpenSSL bug
OpenSSL trailed a critical vulnerability patch last week, which will be only the second such flaw ever found in the open source encryption project. Unfortunately, the first was Heartbleed
-
October 31, 2022
31
Oct'22
SoftIron’s HyperCloud to ease private cloud deployments
SoftIron claims its technology stack fully automates the provisioning of storage, compute, networking and infrastructure services, providing a fully functioning, multi-tenant cloud
-
October 18, 2022
18
Oct'22
Apache vulnerability a risk, but not as widespread as Log4Shell
A newly disclosed Apache Commons Text vulnerability may put many at risk, but does not appear to be as impactful or widespread as Log4Shell
-
October 18, 2022
18
Oct'22
Virtually all vulnerable open source downloads are avoidable
Some 96% of known vulnerable open source downloads could have been avoided altogether, according to a report
-
October 11, 2022
11
Oct'22
With Java 19, Oracle boosts developer productivity with an eye on the future
Major features in Java 19 will make it easier for Java developers to build applications that interface with non-Java code, among other capabilities in the 10th edition of the platform’s six-month release cadence
-
October 04, 2022
04
Oct'22
Red Hat CEO on OpenShift roadmap, competitive play
Red Hat’s newly minted CEO Matt Hicks talks up OpenShift’s roadmap, the competition with VMware and opportunities in the Asia-Pacific region
-
September 21, 2022
21
Sep'22
15-year-old Python bug present in 350,000 open source projects
A Python tarfile vulnerability first disclosed in 2007 still persists to this day, according to analysis from Trellix
-
August 31, 2022
31
Aug'22
Google debuts open source bug bounty programme
Google is calling on hackers to take pot-shots at its open source projects for the first time through a new vulnerability research programme
-
August 22, 2022
22
Aug'22
Google Cloud and Singapore government team up on AI
Singapore’s National AI office will tap Google Cloud’s expertise in artificial intelligence to build artificial intelligence applications and train public sector officers on AI
-
August 10, 2022
10
Aug'22
GitHub targets vulnerable open source components
There are thousands of vulnerabilities in open source code – GitHub aims to help developers see if their projects are impacted
-
August 02, 2022
02
Aug'22
VMware CEO defends Broadcom deal
Raghu Raghuram is confident that Broadcom will invest in growing VMware through a broad portfolio of assets that will serve its entire customer base, not just its biggest customers
-
July 15, 2022
15
Jul'22
Log4Shell on its way to becoming ‘endemic’
US government report concludes that, like Covid, Log4Shell will be with us for a long time to come
-
June 24, 2022
24
Jun'22
Developers grapple with open source software security
Software developers are taking longer to fix vulnerabilities and many do not know about the dependencies of open source software components they are using, study finds
-
June 23, 2022
23
Jun'22
SolarWinds unveils new development model to avoid a repeat of Sunburst
SolarWinds has unveiled a new, secure-by-design software development model to protect itself from a repeat of the infamous 2020 cyber attack on its systems, and serve as a blueprint for the industry
-
June 10, 2022
10
Jun'22
Commercialising open source
Most software developed today takes advantage of open source, but there are still gaps in understanding what open source means in business
-
June 07, 2022
07
Jun'22
Software house Mega achieves holistic SaaS security with Synopsys
Mega International, a supplier of IT management software, turned to Synopsys’s Coverity and Black Duck products to reassure both itself and its customers that its software-as-a-service offerings were built to the best possible security standards
-
May 13, 2022
13
May'22
Open source community sets out path to secure software
A 10-point plan to improve the security and resilience of open source software was presented this week at a summit in the US
-
May 11, 2022
11
May'22
IBM lived up to its neutrality promise to Red Hat
Red Hat CEO Paul Cormier claims IBM has lived up to its commitment to maintain the neutrality of Red Hat three years on
-
May 10, 2022
10
May'22
NetApp’s cloud-era storage competitors in ‘world of hurt’
NetApp is busily reinventing itself as a cloud services provider, with its competition years behind, according to its public cloud vice-president
-
April 11, 2022
11
Apr'22
Open source CMS platform Directus patches XSS bug
A stored cross-site scripting vulnerability in the Directus platform could have enabled malicious actors to gain access to valuable data
-
April 08, 2022
08
Apr'22
Was Spring4Shell a lot of hot air? No, but...
Find out why Spring4Shell was apparently not as impactful a security problem as many had at first feared, and why it’s on the cyber community as a whole to do better
-
April 05, 2022
05
Apr'22
Hackathon team uses origami in James Webb Space Telescope Pi project
The James Webb Space Telescope was the inspiration behind a NASA challenge which uses an IoT device based around folded paper
-
March 31, 2022
31
Mar'22
Spring4Shell zero-day sprung on security teams
Some are describing a newly disclosed Spring Java framework vulnerability as the next Log4Shell, but what is Spring4Shell, and what can we do about it?
-
March 29, 2022
29
Mar'22
Wave of Log4j-linked attacks targeting VMware Horizon
Sophos issues a new warning to organisations that have so far failed to patch their VMware Horizon servers against Log4Shell
-
February 09, 2022
09
Feb'22
How Carrefour is lowering its Oracle footprint
Migrating core business applications requires a multi-pronged approach, so what remains on-prem, and where does SaaS fit?
-
February 01, 2022
01
Feb'22
Dutch software engineers join campaign for research funding
Software researchers from all over Europe are sounding the alarm: to maintain a strong international competitive position, more financial resources must be committed to software research
-
January 27, 2022
27
Jan'22
Nightmare Log4Shell scenario averted by prompt, professional action
Prompt and professional community response to the Log4Shell disclosure means the dangerous and widespread vulnerability has not been exploited to the extent many had feared
-
January 26, 2022
26
Jan'22
PwnKit bug endangers Linux distributions worldwide
Qualys researchers share intel on a memory corruption vulnerability in a program installed by default on every major Linux distribution
-
December 21, 2021
21
Dec'21
Top 10 software development stories of 2021
Business recovery is leading to more emphasis on software projects. Here are Computer Weekly’s top 10 software development stories for 2021
-
December 02, 2021
02
Dec'21
Pandora Papers: How journalists mined terabytes of offshore data to expose the world’s elites
Six hundred journalists spent over a year mining 2.94 terabytes of data that revealed offshore companies and the politicians, world leaders and celebrities who secretly owned them
-
November 12, 2021
12
Nov'21
OpenUK debuts carbon-negative datacentre blueprint at COP26
Open source championing not-for-profit OpenUK puts forward plan to reduce the environmental impact of datacentres, with an emphasis on encouraging site and hardware reuse
-
November 05, 2021
05
Nov'21
Inside Krungsri Bank’s open API journey
Thailand’s Krungsri Bank has been harnessing open application programming interfaces to enable its partners to build new services in a strategy that has won over customers from rival banks
-
October 29, 2021
29
Oct'21
How GitHub is driving secure software development
GitHub’s first chief security officer offers a glimpse into the company’s efforts to help developers and organisations embrace secure software development practices
-
October 06, 2021
06
Oct'21
Apache web server users urged to patch immediately
New zero-day in Apache HTTP Server is already being actively exploited and must be addressed immediately
-
August 24, 2021
24
Aug'21
13 million malware attacks on Linux seen in wild
Cryptominers, web shells and ransomware are the most common varieties of malwares targeting Linux systems, thanks to its prevalence as the backbone of most public cloud services
-
July 28, 2021
28
Jul'21
Executive interview: Lee Porte, chair, Cloud Foundry Foundation TOC
Cloud Foundry wants more non-IT industry code contributions and its technical oversight committee has a new chair who wants to ramp up user focus
-
July 26, 2021
26
Jul'21
Malicious actors turn to obscure programming languages
Using new, lesser-known or otherwise uncommon programming languages to code new malwares can help skirt cyber defences
-
July 21, 2021
21
Jul'21
Cloud Foundry Foundation rebalances commercial code contributions
Most open source contributions in Cloud Foundry come from developers whose companies commercialise the platform
-
July 12, 2021
12
Jul'21
NHS to get new online jobs platform
NHS Business Services Authority is working to transform the NHS Jobs platform, currently in beta stage, with plans to launch it early next year
-
June 23, 2021
23
Jun'21
DataStax eyes growth in APAC
DataStax opens regional headquarters in Singapore to tap the growth opportunities in Asia-Pacific where more organisations are modernising legacy systems and building cloud-native apps