Cybersecurity News in Asia

RECENT STORIES:

SEGA moves faster with flow-based network monitoring
Elitery a Pioneering MSSP Partner for Google Cloud’s “Indo...
Asia Pacific’s Mobile Sector Adds $950 Billion to GDP; On Track ...
PT Kereta Api Indonesia announces nationwide email and communication o...
Will governments assert stronger oversight over tech giants deemed as ...
As cybersecurity threats to critical infrastructure escalate, US Congr...
LOGIN REGISTER
CybersecAsia
  • Features
    • Featured

      The rising threats and business risks of machine identities

      The rising threats and business risks of machine identities

      Tuesday, July 22, 2025, 12:19 PM Asia/Singapore | Features, IoT Security
    • Featured

      The future of AI-powered cybersecurity

      The future of AI-powered cybersecurity

      Monday, July 21, 2025, 4:04 PM Asia/Singapore | Features, Newsletter, Tips
    • Featured

      Transcending digital disruption: How financial institutions can integrate innovation, security, and agility

      Transcending digital disruption: How financial institutions can integrate innovation, security, and agility

      Thursday, July 10, 2025, 4:16 PM Asia/Singapore | Features
  • Opinions
  • Tips
  • Whitepapers
  • Awards 2025
  • Directory
  • E-Learning

Select Page

LOGIN REGISTER
  • Features
    • Featured

      The rising threats and business risks of machine identities

      The rising threats and business risks of machine identities

      Tuesday, July 22, 2025, 12:19 PM Asia/Singapore | Features, IoT Security
    • Featured

      The future of AI-powered cybersecurity

      The future of AI-powered cybersecurity

      Monday, July 21, 2025, 4:04 PM Asia/Singapore | Features, Newsletter, Tips
    • Featured

      Transcending digital disruption: How financial institutions can integrate innovation, security, and agility

      Transcending digital disruption: How financial institutions can integrate innovation, security, and agility

      Thursday, July 10, 2025, 4:16 PM Asia/Singapore | Features
  • Opinions
  • Tips
  • Whitepapers
  • Awards 2025
  • Directory
  • E-Learning
News

US security agencies urge migration to memory safe programming

By CybersecAsia editors | Monday, June 30, 2025, 1:37 PM Asia/Singapore

US security agencies urge migration to memory safe programming

CISA and NSA releaseguidance for adopting memory-safe programming languages to nip decades-long system vulnerabilities in the bud.

For decades, memory-related vulnerabilities have been a persistent and costly challenge for cybersecurity professionals, frequently enabling devastating cyberattacks and compromising critical systems.

These vulnerabilities, which arise from programming errors in how software accesses or manages memory — such as buffer overflows; use-after-free; and dangling pointers — are especially common in languages such as C and C++, that lack built-in memory safety mechanisms. Industry studies consistently show that around 70% of severe security bugs are linked to memory safety issues, making them the most prevalent type of disclosed software vulnerability.

High-profile incidents such as Heartbleed and BadAlloc have illustrated the far-reaching consequences of these flaws, affecting everything from hospital records to industrial control systems. However, with last week’s announcement by the US Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) of a renewed push for systemic change, things are set to change for the better.

In a joint guidance document, the two agencies are urging software development teams and organizations to adopt memory-safe programming languages (called MSLs) such as Rust, Go, Java, Swift, Python, and C#, which incorporate automated memory management and compile-time checks to eliminate entire classes of vulnerabilities. The agencies stress that embedding memory safety at the programming language level shifts the responsibility from individual programmers to the tools themselves, offering a more robust and scalable defense against exploitation.

While acknowledging that transitioning legacy systems and large codebases to memory-safe languages presents challenges (including the need for developer training, tooling, and careful integration with existing software) the agencies emphasize that the long-term benefits for national security and software resilience are substantial. Their guidance provides practical strategies for adoption and highlights ways to harden existing non-memory-safe applications when a full transition is not feasible.

Nevertheless, recognizing that MSLs may not be the best option for every scenario, the US government’s message that efforts should take advantage of tools such as TRACTOR that can translate unsafe code through a Foreign Function Interface into MSL-compatible runtime code.

Share:

PreviousWith increasing IT/OT convergence, reacting to any cyber incident is already too late!
NextRedefining the frontlines of digital defense

Related Posts

Guess how many new malware tools and tactics were launched in 2022

Guess how many new malware tools and tactics were launched in 2022

Tuesday, May 23, 2023

Establishing trust with employees and customers with Zero Trust

Establishing trust with employees and customers with Zero Trust

Friday, July 2, 2021

Urgent: Your inactive cryptomining account is about to be deactivated!

Urgent: Your inactive cryptomining account is about to be deactivated!

Wednesday, April 12, 2023

What risks do insurance firms fear most in 2025 and beyond?

What risks do insurance firms fear most in 2025 and beyond?

Thursday, February 6, 2025

Leave a reply Cancel reply

You must be logged in to post a comment.

Voters-draw/RCA-Sponsors

Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
previous arrow
next arrow

CybersecAsia Voting Placement

Gamification listing or Participate Now

PARTICIPATE NOW

Vote Now -Placement(Google Ads)

Top-Sidebar-banner

Whitepapers

  • 2024 Insider Threat Report: Trends, Challenges, and Solutions

    2024 Insider Threat Report: Trends, Challenges, and Solutions

    Insider threats continue to be a major cybersecurity risk in 2024. Explore more insights on …Download Whitepaper
  • AI-Powered Cyber Ops: Redefining Cloud Security for 2025

    AI-Powered Cyber Ops: Redefining Cloud Security for 2025

    The future of cybersecurity is a perfect storm: AI-driven attacks, cloud expansion, and the convergence …Download Whitepaper
  • Data Management in the Age of Cloud and AI

    Data Management in the Age of Cloud and AI

    In today’s Asia Pacific business environment, organizations are leaning on hybrid multi-cloud infrastructures and advanced …Download Whitepaper
  • Mitigating Ransomware Risks with GRC Automation

    Mitigating Ransomware Risks with GRC Automation

    In today’s landscape, ransomware attacks pose significant threats to organizations of all sizes, with increasing …Download Whitepaper

Middle-sidebar-banner

Case Studies

  • Operationalizing sustainability in cybersecurity: Group-IB’s approach

    Operationalizing sustainability in cybersecurity: Group-IB’s approach

    See how the firm turned malware-group takedowns into measurements of sustainability and resilience gains: by …Read more
  • Thai government expands secure email management to close cybersecurity gaps

    Thai government expands secure email management to close cybersecurity gaps

    New measures address cybersecurity gaps in public sector communications, deploying advanced protections and operational support …Read more
  • How Iress optimized global DevSecOps

    How Iress optimized global DevSecOps

    Scaling compliance, security & efficiency – while seamlessly migrating to the cloud – with JFrog.Read more
  • St Luke’s ElderCare enhances operations and capabilities through a centralized secure, scalable network

    St Luke’s ElderCare enhances operations and capabilities through a centralized secure, scalable network

    With only a small IT team, the digital transformation has united operations across 30 locations, …Read more

Bottom sidebar

  • Our Brands
  • DigiconAsia
  • MartechAsia
  • Home
  • About Us
  • Contact Us
  • Sitemap
  • Privacy & Cookies
  • Terms of Use
  • Advertising & Reprint Policy
  • Media Kit
  • Subscribe
  • Manage Subscriptions
  • Newsletter

Copyright © 2025 CybersecAsia All Rights Reserved.