Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Synopsys

CyRC special report: Secure apps? Don't bet on it

The Cybersecurity Research Center conducted a security analysis of the 10 most popular Android sports and betting apps. With the Super Bowl approaching in the U.S., the Synopsys Cybersecurity Research Center (CyRC) set out to evaluate the 10 most popular Android sports and betting apps through the lens of supply chain security. We used Black Duck® Binary Analysis (BDBA) to examine the open source components used in these apps.

Open source software: A pillar of modern software development

Open source software provides companies with a competitive edge, but when used incorrectly, it can lead to risks in the software supply chain. Today’s modern software applications simply would not exist, or be as powerful, without the use of open source software (OSS). Developers design open source software with source code that is accessible for anyone to use, modify, and learn from, and they release the code with specific licensing rights.

Software risks and technical debt: The role of process in determining good software

Understanding how software is developed and the areas impacted by technical debt can help lawyers and investors assess software risks during an M&A. Insight into how software is developed and what kinds of issues can lurk in a codebase enables businesspeople and lawyers to better understand software risks and how to mitigate them.

WhiteHat Dynamic Application Security Testing (DAST) | Synopsys

WhiteHat Dynamic detects vulnerabilities in running web apps before they can be exploited. It is cloud-based, 100% production safe, and continuously adaptive; it delivers actionable results with near-zero false positives and adapts to app updates to help organizations detect and respond to vulnerabilities.

Black Duck's New Year's Resolution

The new Black Duck SCA release offers enhancements to help organizations to better understand the potential risks in their software supply chain. Black Duck® software composition analysis (SCA) started the new year off strong and got a running start on its resolution to better help teams secure their software supply chain at the speed of modern software development. Let’s look at some of the highlights of the 2023.1.0 release.

2023 cybersecurity predictions that should be on your radar

Our 2023 cybersecurity predictions are in. The experts weigh in on trends and how they’ll shape cybersecurity efforts in the year ahead. It’s still the season for gazing into the crystal ball that tells us what’s going to happen in the world of cybersecurity for the rest of the year. Or at least we wish it would. Crystal balls are always cloudy, which means predictions are hard—especially about the future, as the late, great Yogi Berra said.

Prioritizing open source vulnerabilities in software due diligence

Black Duck Security Advisories provide actionable advice and details about open source vulnerabilities to help you improve your remediation activities. A vulnerability is a software bug that hackers can exploit to attack an application. Ideally, software is written so as to proactively thwart the efforts of bad actors, but that is often not the case.