CryptoLicensing v2013 for .Net includes license service activation console, new methods, properties with support for Mono, Android platforms including several improvements and bug fixes.
Oracle today released Java 7u11 with security fixes for remote code execution vulnerabilities related to escaping the applet sandbox through crafted reflection API calls. Read on to find out more about it, and how to find out if you are affected or not.
Syncfusion has announced the availability of Orubase Version 1 which ships with Project Wizard, SQLite and Encryption Support.
A central theme with Windows 8 is the Microsoft Account. This is another attempt to offer a single sign-on system for both Microsoft and third-party services. Microsoft Account is available for Windows 8 apps, normal websites, Windows Phone, Android, and iOS.
A recent publication in the ACM CCS'12 proceedings titled "The Most Dangerous Code in the World:Validating SSL Certificates in Non-Browser Software" exposes critical vulnerabilities in the creation and usage of SSL libraries in non-browser applications. The lessons learnt and the ensuing recommendations to developers and testers are shared in this news item.
In the past there was an assumption that only popular applications and services will be attacked. But these days even new services with few or no users is liable to find itself under the hacker’s microscope. In a recent //Build session, Josh Dunn discusses some of the common vulnerabilities found in Windows 8 applications.
.NET 4.5 brings a lot of improvements in how Cryptography is handled within ASP.NET, with new APIs Protect and Unprotect and various under-the-hood changes. Levi Broderick explains the motivation, the changes and compatibility in a series of articles.
PhoneFactor Acquisition Enhances Security of Microsoft Applications with Multi Factor Authentication
Microsoft has recently acquired PhoneFactor, which provides multi factor authentication by making use of user's phone. According to official sources at Microsoft, this development will bring new security mechanism for Microsoft products.
Polish security start-up Security Explorations has found another hole that allows hackers to bypass critical security measures, affecting Java SE 5, 6 and 7 - the last eight year's worth of Java releases.
Java has been in the news a lot recently thanks to a rather messy response to a high profile Java security issue, CVE-2012-4681, and a related set of vulnerabilities which target the Java browser plug-in.
Windows Identity Foundation, Microsoft's framework for integrating claims-based authentication into applications, is now part of the .NET Framework. It was created to simplify work with access control and authentication, and to allow for single sign-on across multiple applications.
CSA security registry continues to gain relevance through the incorporation of Amazon AWS into the registry.
Troy Hunt demonstrates how the password hashes provided by SqlMembershipProvider are vulnerable to brute force attacks and offers some remedies.
Google today disclosed details of Compute Engine, an IaaS offering that runs Linux VMs on demand utilizing Google’s cloud infrastructure. Google Compute Engine (GCE) supports 1, 2, 4 and 8 virtual core VMs with 3.75GB RAM per virtual core