Chris Wysopal

573 0

Chris Wysopal, Co-Founder and CTO at Veracode

Articles by Chris Wysopal

Schneider Electric Says Software Bug Exploited In Watershed Hack

It has been reported by that Schneider Electric SE has disclosed that hackers exploited a flaw in its software in a watershed hack discovered last month that halted plant operations at an industrial facility. Chris Wysopal, CTO and Co-Founder at CA Veracode commented below. Chris Wysopal, CTO and Co-Founder at CA Veracode: “Unfortunately, breaches like this are becoming …


Fancy Bear Hackers Race To Exploit Flash Bug Against The US And Europe

It has been reported that the Fancy Bear hackers are racing to exploit the recently announced Adobe Flash bug. The hacking group are trying to exploit the flaw before patches are widely deployed. Chris Wysopal, CTO, CA Veracode commented below. Chris Wysopal, CTO at CA Veracode: “The current activity by the Fancy Bear hackers, as they race to exploit …


Trump Hotels Hit By Third Data Breach

It was reported today that Trump hotels have been hit by a third data breach. The full story can be found on the BBC here.Chris Wysopal, CTO and Co-Founder, Veracode commented below. Chris Wysopal, CTO and Co-Founder at Veracode: “With news that Donald Trump’s hotel chain has been hit by its third data breach in just three years, …


Petya Ransomware Comment – How It Spreads / Why Businesses Were Affected

The ransomware is definitely spreading via EternalBlue exploit just like WannaCry. People have found the code in the malware and have seen the EternalBlue exploit traffic on the network.  There are additional spreading vectors that use harvested credentials from machines compromised with EternalBlue. These are used to connect to and run the malware on fully …


Vulnerabilities In Symantec And Norton Products

Critical vulnerabilities discovered in Symantec and Norton security products. Here below Chris Wysopal, CTO and co-founder at Veracode, reflecting on how security software is second to worst category of software for application security. Chris Wysopal, CTO and co-founder at Veracode: “The critical vulnerabilities discovered in Symantec and Norton security products are not a surprise – Veracode’s State …

Under the Hood Look at LogJam

Badlock Vulnerability

The kerfuffle over naming of vulnerabilities like Badlock and ShellShock misses the mark on why this is a good thing for the industry. Given the sheer volume and scale of the application security problem companies face today, anything that draws attention to the seriousness of the state we’re in is a good thing. I’d argue …

Legislation to Force Companies to Reveal Cyber Attack

Legislation to Force Companies to Reveal Cyber Attack

MP Dr Liam Fox call for companies to come clean after cyber attack. Chris Wysopal, CTO and CISO at Veracode have the following comments on it. Chris Wysopal, CTO and CISO at Veracode : “There is no question that responsible disclosure is a good policy, however globally there remains limited precedent for it. In the …

4 in 5 Applications Rritten in Web Scripting Languages

4 in 5 Applications Written in Web Scripting Languages Fail OWASP Top 10 Upon First Assessment

Veracode’s Supplement to the 2015 State of Software Security: Focus on Application Development report benchmarks application risk profiles by type of programming language Veracode, a leader in protecting enterprises from today’s pervasive web and mobile application threats, released a supplement to the 2015 State of Software Security: Focus on Application Development, a report based on …


Bugs in Mobile Networks Code Discovered

Mobile networks around the world have been penetrated by criminals and governments via bugs in the code that keeps them running. The security holes have been found in a technology known as Signalling System 7 (SS7), which helps to interconnect mobile networks across the globe. Security experts from Veracode and SQR systems have the following …

Stagefright Bug

Stagefright Bug Affects 1 Billion Android Devices

The Android Stagefright bug is back and this time, the flaw allows an attacker to hack Android smartphones just by tricking users into visiting a website that contains a malicious multimedia file, either MP3 or MP4. More than 1 Billion Android devices are vulnerable to hackers. Security experts from Tripwire, Veracode and Rapd7 have the following …

1 comment