News • Insights • Analysis
Almost all keyboard apps used by Chinese people around the world share a security loophole that makes it possible to spy on what users are typing. The vulnerability, which allows the keystroke data that these apps send to the cloud Read More …
SQL injection – or SQLi – vulnerabilities remain a persistent class of defect in commercial software products. Despite widespread knowledge and documentation of SQLi vulnerabilities over the past two decades, along with the availability of effective mitigations, software manufacturers have Read More …
In previous blogs, watchTowr researchers discussed some of the big players in the enterprise software space, but there is one that they have not mentioned before, that is – quite frankly – the heavy-weight champion of the world in terms Read More …
Criminals could remotely tamper with the data that apps used by airplane pilots rely on to inform safe takeoff and landing procedures, according to fresh research. In a scenario that elicits strong memories of that nail-biting flight scene from Die Read More …
Despite several warnings about the risks, Apple will allow European iPhone owners to install apps obtained from outside the official App store (sideloading). These drastic changes are brought about to comply with the European Union’s (EU) Digital Markets Act (DMA). Read More …
The European Union (EU) released their new Cyber Resilience Act which is claimed to be the first ever act put in place to ensure consumers are better protected by the manufacturers of both hardware and software products sold within the Read More …
China’s national security agencies have discovered that foreign geographic information system software used in important industries in China has been collecting and transmitting geographic information data with some of the information collected involving state secrets, posing a serious threat to Read More …
AI systems have the potential to bring many benefits to society. However, for the opportunities of AI to be fully realised, it must be developed, deployed and operated in a secure and responsible way. AI systems are subject to novel Read More …
Application security provider Checkmarx has detailed its findings on the first known open-source software (OSS) attacks targeting the banking sector. During the first half of 2023, the firm said its supply chain research team detected several OSS attacks that showcased Read More …
The software development life cycle (SDLC) refers to the series of steps that a software project goes through, from planning all the way through operation. It’s a cycle because once code has been released, the process continues and repeats through Read More …
