“GoDaddy has revoked 8850 SSL certificates after the hosting service discovered a bug affecting domain validation. The bug was born in July 2016, when according to a blogpost by GoDaddy, the company ‘GoDaddy inadvertently introduced the bug during a routine code change intended to improve our certificate issuance process’. The bug would cause the domain…
[News] The US National Institute of Standards and Technology (NIST), an agency of the US Department of Commerce who produce a number of widely used pieces of guidance, have just released the second draft of their Special Publication (SP) 800-160 “Systems Security Engineering: Considerations for a Multidisciplinary Approach in the Engineering of Trustworthy Secure Systems”. Although it covers…
[Announcement] During the 5 year period (2011-2016) of the UK’s first National Cyber Security Programme (NCSP), the Trustworthy Software Initiative (TSI) was established and funded to coalesce ad hoc activity across 5 Facets of Trustworthy Software (Safety – Reliability – Availability – Resilience – Security [SRARS]) into a single management focus, and address aspects of…
[Announcement] Government-backed scheme offers free guidance to protect small businesses from software flaws and cyber attacks The Government-backed Trustworthy Software Initiative is launching ‘Trustworthy Software Essentials’ giving Britain’s small businesses free access to world-leading guidance, drawn up in consultation with Universities, multinationals and Government bodies, on how to reduce software flaws that are undermining SME…
[Announcement] Government joins forces with leading software companies to stress the importance of patching Leaving software unpatched amounts to gambling your business away, warn three new videos released by the Technology Forum, a cybersecurity partnership between government agencies and some of the world’s leading technology companies. The videos represent a joint push from government and…