Cybersecurity Snapshot: CISA Calls for Stamping Out Buffer Overflow Vulnerabilities, as Europol Tells Banks To Prep For Quantum Threat

Check out best practices for preventing buffer overflow attacks. Plus, Europol offers best practices for banks to adopt quantum-resistant cryptography. Meanwhile, an informal Tenable poll looks at cloud security challenges. And get the latest on ransomware trends and on cybercrime legislation and prevention!

Dive into six things that are top of mind for the week ending Feb. 14.

1 – CISA, FBI offer buffer overflow prevention tips

The U.S. government is urging software makers to adopt secure application-development practices that help prevent buffer overflow attacks.

This week, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) called buffer overflow vulnerabilities “unforgivable defects” that put national and economic security at risk.

“CISA and FBI urge manufacturers to use proven prevention methods and mitigations to eliminate this class of defect while urging software customers to demand secure products from manufacturers that include these preventions,” the agencies wrote in a joint fact sheet. 

Buffer overflows happen when data written to a computer’s memory buffer exceeds the buffer’s capacity. This can lead to issues such as system crashes, data corruption and remote code execution.
 


These are some of the recommendations for preventing buffer overflows that the agencies offered in the fact sheet, titled “Malicious Cyber Actors Use Buffer Overflow Vulnerabilities to Compromise Software”:

  • Use memory-safe languages when developing software.
  • Implement compile-time and runtime protections using compiler flags.
  • Rigorously test your software products using static analysis, fuzzing and manual reviews throughout the development cycle.
  • Analyze the root cause of past buffer overflow vulnerabilities to detect trends and patterns.
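
The defect class described above, shown as an added C example that is not taken from the fact sheet or the article: a parser for a hypothetical length-prefixed record, first trusting the length byte and then validating it before any write. The record layout, function names and sample bytes are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NAME_CAP 16  /* destination capacity, including the terminating NUL */

/* Hypothetical record layout (constructed): [1-byte length][payload bytes]. */

/* Defective form: trusts the length byte taken from the input. A length
 * above NAME_CAP - 1, or above the bytes actually received, makes memcpy
 * run past a buffer. Kept only for contrast; main() never calls it. */
void parse_name_unchecked(char name[NAME_CAP], const uint8_t *msg)
{
    size_t len = msg[0];
    memcpy(name, msg + 1, len);
    name[len] = '\0';
}

/* Checked form: the declared length is validated against both the input
 * actually received and the destination capacity before any write.
 * Returns 0 on success, -1 if the record is rejected. */
int parse_name_checked(char name[NAME_CAP], const uint8_t *msg, size_t msg_len)
{
    if (msg_len < 1)
        return -1;                    /* no length byte at all */
    size_t len = msg[0];
    if (len > msg_len - 1)
        return -1;                    /* claims more than was received */
    if (len >= NAME_CAP)
        return -1;                    /* would not fit with the NUL */
    memcpy(name, msg + 1, len);
    name[len] = '\0';
    return 0;
}

int main(void)
{
    /* Constructed inputs: one well-formed, one whose length byte lies. */
    const uint8_t ok[]  = { 5, 'a', 'l', 'i', 'c', 'e' };
    const uint8_t bad[] = { 200, 'x', 'y', 'z' };
    char name[NAME_CAP];

    printf("ok  -> %d\n", parse_name_checked(name, ok, sizeof ok));
    printf("bad -> %d\n", parse_name_checked(name, bad, sizeof bad));
    return 0;
}
```

On GCC or Clang, `-fstack-protector-strong` and `-D_FORTIFY_SOURCE=2` (with optimization enabled) are examples of compiler flags that add compile-time and runtime checks, and `-fsanitize=address` reports out-of-bounds writes during testing.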

CISA and the FBI also highlighted these buffer overflow vulnerabilities:

CVE-2025-21333
CVE-2025-0282[…]
Content was cut in order to protect the source. Please visit the source for the rest of the article.

This article has been indexed from Security Boulevard
