A buffer overflow vulnerability that could be exploited to execute malicious code has been discovered in the Visual Component Library (VCL) library of Embarcadero's Delphi and C++Builder application development environments, and could, therefore, also affect applications that were built by using the software and that use the affected library.
In this interview, Don Bergal, COO at Managed Methods, answers questions regarding security around API based connections between an enterprise and the hybrid cloud.
Today at Black Hat, Checkmarx launched Game of Hacks, a challenging game for software developers and security professionals to test their application hacking skills, improve their code security know-how and facilitate better security practices in hope of reducing the amount of vulnerabilities in their applications.
More often than not, computer security competitions come in the form of Capture The Flag (CTF) contests, and the emphasis is on breaking systems.
A team of researchers from Columbia University has downloaded and decompiled over 880,000 applications found on Google Play, and has discovered - among other things - that app developers often embed their secret authentication keys in the apps, which can lead to attackers stealing server resources or user data available through services such as Amazon Web Services or Facebook.