Millions of Apple Applications Were Vulnerable to CocoaPods Attack

Millions of Apple Applications Were Vulnerable to CocoaPods Attack

Many macOS and iOS applications were open to a vulnerability in CocoaPods, an open-source dependency manager, E.V.A. Information Security revealed on July 1. The vulnerability has been patched since EVA first discovered it, and no attacks have occurred that are conclusively related to it. However, the case is interesting because the vulnerability stayed unnoticed for so long and highlighted how developers should be careful with open-source libraries. The vulnerability is a good reminder for developers…

Read More

White House Recommends Memory-Safe Programming Languages and Security-by-Design

White House Recommends Memory-Safe Programming Languages and Security-by-Design

A new White House report focuses on securing computing at the root of cyber attacks — in this case, reducing the attack surface with memory-safe programming languages like Python, Java and C# and promoting the creation of standardized measurements for software security. The report urges tech professionals to: Implement memory-safe programming languages. Develop and support new metrics for measuring hardware security. This report, titled Back to the Building Blocks: A Path Toward Secure and Measurable…

Read More