Security News

Google this week announced that it is introducing a new policy for the Google Play app store, requiring all developers to provide information on their data collection practices. Planned as a safety section in Google Play, the change is expected to "Help people understand the data an app collects or shares, if that data is secured, and additional details that impact privacy and security."

Veriff launched a private beta programme for the Verification Tool, a version of its identity verification software tailored for external use. As the global identity verification market is booming, businesses are investing in the enhancement of their identity verification practices as advanced fraud prevention solutions become an operational requirement.

WALLIX announced the expansion of its channel team with the appointment of Yoann Delomier as Operational Technology Business Developer. In his new role, Delomier will be responsible for helping WALLIX to raise its presence in the industrial space.

Storj announced a new multi-tenant, S3-compatible gateway that enables developers to easily take advantage of the unsurpassed privacy and security benefits of Storj DCS. The new Storj DCS product replaces the company's Tardigrade offering and delivers a new onboarding experience, lower pricing, and added features so developers can start building on the decentralized cloud with ease. The update also includes new features like multi-part upload that improve performance when storing large objects on Storj DCS. "Developers love the simplicity of the cloud but are increasingly finding themselves conflicted with the privacy and security shortcomings of centralized cloud storage providers," says Ben Golub, Storj Executive Chairman and CEO. "New technologies and approaches like decentralization and the Storj DCS multi-tenant gateway mean developers can have better ownership and control of their data at a lower cost and without any extra effort, so they can build more secure and private applications."

Password specialist 1Password has acquired SecretHub, a secrets management platform aimed at IT engineers, and made a new service called Secrets Automation, previously in beta, generally available. Secrets Automation uses a Connect Server, delivered as a Docker container, which users deploy in their environment.

The developers of the PHP scripting language have shared an update on the recently disclosed breach in which attackers planted malicious code. Php.net server and it was apparently designed to allow an attacker to remotely execute arbitrary PHP code.

KODA advising CTO John Suit discusses the skills and languages that are important for developers who want to build software and systems for modern robots.

Even back in the early days, WebView was problematic because, with a JavaScript bridge enabled, a webpage viewed in WebView could execute code as the WebView application itself. There's the app itself, there are the Android subsystems, there are the apps that depend on WebView, there are the developers who might make use of JavaScript, which then depends on a third-party server that may or may not use SSL properly.

New episode - watch now!

CTO.ai announced the launch of its serverless Kubernetes platform that makes it easy for developers to deploy and manage their cloud native applications. This powerful, yet easy-to-use, platform makes product delivery teams more efficient and eliminates the complexity experienced by developers when applications are deployed on top of a self-managed Kubernetes cluster.