Security News

Google on Monday announced new security measures for developer accounts on Google Play, meant to ensure that each account is created by a real person. Google Play, which provides access to millions of Android applications and games, has been abused by threat actors for the distribution of malware, and Google is looking for new ways to strengthen the security of both developers and users.

SMS alone may not be secure, but mobile phone numbers tethered to a SIM card are: they're a unique pairing that is difficult to tamper with or copy. It is now possible to prevent fraud and fake accounts while seamlessly verifying mobile users using the most cryptographically secure identifier they already have - the SIM card embedded in their mobile devices.

Google on Monday announced new measures for the Play Store, including requiring developer accounts to turn on 2-Step Verification, provide an address, and verify their contact details later this year. The new identification and two-factor authentication requirements are a step towards strengthening account security and ensuring a safe and secure app marketplace, Google Play Trust and Safety team said.

Amazon Web Services announced the AWS BugBust Challenge, a global competition for developers to collectively eliminate one million software bugs. With just a few clicks, developers from around the world can join the challenge by creating an AWS BugBust event for their organization in the Amazon CodeGuru console-and compete for prizes and prestige by identifying and fixing bugs in their applications.

Most developers never update third-party libraries after including them in their software, a new report from application security company Veracode reveals. Compiled in partnership with the Cyentia Institute, Veracode's latest State of Software Security report focuses on open source software and the manner in which developers approach the security of third-party libraries they use.

Microsoft has announced an additional Windows developer event for June 24th that will likely reveal new programming API or Microsoft Store changes. Earlier this month, Microsoft announced that they would be holding a special Windows event on June 24th at 11 AM EST to unveil their next generation of Windows.

Akamai announces enhancements designed to enable Akamai customers to create and deliver even more user experiences at the edge. Since its introduction, Akamai's EdgeWorkers serverless edge compute solution has empowered developers to build and deliver digital experiences from Akamai's platform of unparalleled scale, worldwide.

SmartBear has released a new plug-in for SwaggerHub API design to support IntelliJ IDEA, the popular Java-based integrated developer environment. API developers familiar with IntelliJ IDEA now have ready access to the OpenAPI compliant SwaggerHub API design platform to create, organize, and document APIs.

The FBI has revealed how it managed to hoodwink the criminal underworld with its secretly backdoored AN0M encrypted chat app, leading to hundreds of arrests, the seizure of 32 tons of drugs, 250 firearms, 55 luxury cars, more than $148M, and even cocaine-filled pineapples. "The CHS offered this next generation device, named 'AN0M,' to the FBI to use in ongoing and new investigations. The CHS also agreed to offer to distribute AN0M devices to some of the CHS's existing network of distributors of encrypted communications devices."

Google has launched a new experimental tool designed to help application developers visualize the dependencies of open source projects. In an effort to help developers gain a better perspective into the packages their open-source projects rely on, Google has introduced Open Source Insights, an exploratory visualization site that offers a view of dependencies, in an organized and accessible way.