article thumbnail

CVE Program Almost Unfunded

Schneier on Security

Mitre’s CVE’s program—which provides common naming and other informational resources about cybersecurity vulnerabilities—was about to be cancelled , as the US Department of Homeland Security failed to renew the contact. It was funded for eleven more months at the last minute. This is a big deal.

CSO 317
article thumbnail

On Software Liabilities

Schneier on Security

Over on Lawfare, Jim Dempsey published a really interesting proposal for software liability: “Standard for Software Liability: Focus on the Product for Liability, Focus on the Process for Safe Harbor.” I have long been a fan of software liability as a policy mechanism for improving cybersecurity.

Software 328
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Providing Security Updates to Automobile Software

Schneier on Security

Auto manufacturers are just starting to realize the problems of supporting the software in older models: Today’s phones are able to receive updates six to eight years after their purchase date. That means the car software hitting the road today needs to work­—and maybe even improve—­beyond 2036. Consider a car company.

Software 326
article thumbnail

News alert: INE secures spot in G2’s 2025 Top 50 education software rankings

The Last Watchdog

This category of awards ranks the worlds top 50 software education products based on authentic reviews from more than 100 million G2 users. This category of awards ranks the worlds top 50 software education products based on authentic reviews from more than 100 million G2 users. Cary, NC, Feb.

Education 130
article thumbnail

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. All of these stats beg the question, “Do you know what’s in your software?”

article thumbnail

CEO of cybersecurity firm charged with installing malware on hospital systems

Security Affairs

Jeffrey Bowie, CEO of the cybersecurity firm Veritaco, is facing two counts of violating Oklahoma’s Computer Crimes Act for allegedly infecting employee computers at the Oklahoma City St. At the time of this writing, the website of the cybersecurity firm Veritaco is unreachable. Anthony Hospital.

Malware 145
article thumbnail

LW ROUNDTABLE: Compliance pressures intensify as new cybersecurity standards take hold

The Last Watchdog

Part three of a four-part series In 2024, global pressure on companies to implement advanced data protection measures intensified, with new standards in encryption and software transparency raising the bar. Similarly, software bills of materials (SBOMs) underscore the need for better accountability in third-party software.

article thumbnail

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely.