Company Blog
Stuxnet p0wns the Physical World
If the code here (courtesy of Ralph Langner) looks unfamiliar, that means you’re probably not a process control engineer familiar with the Siemens Step 7 programming language. And if you are, software security is probably unfamiliar territory! This code turns out to be the payload of the Stuxnet worm, meant to be injected into the [...]
BSIMM Begin
Starting this past winter, we tried an extended BSIMM-related experiment in self-reporting as a means of gathering software security activity data. We did this by directly contacting individuals and organizations to entice them to complete a survey. We called that effort BSIMM Begin. BSIMM Begin is related to the actual BSIMM, but it is not [...]
Remediation – The Game
(This is a guest post, contributed by Timothy Champagne, a consultant at Cigital.) I have long been a fan of card games. During lunch breaks at work, my co-workers and I would often play such games to pass the time and socialize. I found myself thinking that this activity could not be unique to my [...]
