Microsoft has open sourced CodeQL queries used to scan for Solorigate malware activity that matches the SolarWinds supply-chain attack.
Microsoft has introduced a new source code analyzer tool dubbed Microsoft Application Inspector. The tool is designed to “identify interesting features in source code” and can help enable developers understand software components your apps use.
The Open Web Application Security Project (OWASP) has released its OWASP API Security Top 10 2019. This is the first version of the API Top 10. OWASP will likely update the guidelines every three to fours years, similar to the other OWASP Top 10 series.
GitHub, one of the world’s leading software development platforms, has launched GitHub Security Lab with aim to secure open source software.
Security firm Sucuri warned back in June how compromised CCTV devices were used in multiple denial-of-service (DDoS) attacks every day. In the report, nearly 25,000 compromised devices from all over the world were used in various attacks on small businesses.