If one event demonstrated how vulnerable organisations and infrastructure around the world are to software vulnerabilities, it was Log4j. The critical zero-day vulnerability in the Java logging ...

Customer satisfaction is key to product success. That’s why development teams are often tempted to prioritize application performance and functionality, hoping to introduce necessary cybersecurity ...

For all the scary talk about cyberattacks from vendors and industry experts, relatively few attacks are actually devastating. But the Jaguar Land Rover (JLR) attack was. The JLR breach wasn’t some ...

Why bugs and misconfigurations pose as much of a cyber threat as hackers.

In 1965, Ralph Nader’s groundbreaking book Unsafe at Any Speed exposed how car manufacturers prioritised style, performance, and profit over the safety of drivers and passengers. His narrative spurred ...

Software security may finally be getting the attention it deserves as more countries institute necessary guidelines. But with threats increasing against the software supply chains, it is too soon to ...

Supply chain security continues to receive critical focus in the realm of cybersecurity, and with good reason: incidents such as SolarWinds, Log4j, Microsoft, and Okta software supply chain attacks ...

Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More As 2020 finally came to an end and 2021 began, The New York Times ...

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Dany Lepage discusses the architectural ...

The software security landscape is at an interesting juncture. As Jen Easterly, the former director of the Cybersecurity and Infrastructure Security Agency (CISA), pointed out, there is a lesson to be ...

Microsoft's latest Windows update now confirms if your PC is Secure Boot-protected - how it works ...