Here is an interesting presentation from Rémi Chipaux a former colleague from itrust consulting.
He is talking about his research work on setting up some honey pots for collecting malware samples. The idea is quiet simple, buy a Raspberry PI (it costs around 20-30 euros). Install in it a honeypot tool like Cowrie. Then, just wait for getting impacted by malwares spreading in the wild. It is pretty amazing indeed to see as he explains that it takes few minutes to get a malware uploaded to your host.
Here is his talk:

This is a really interesting talk from Prof. James Whittaker on the future of testing. He is talking about how testing changing and how it will be in the future and he is really right in this prediction done in 2008. As predicted, crowd testing companies (like utest.com) are becoming very successful nowadays.
​
"The best way to predict the future is to invent it". Whittaker is definitely among those inventing the future of testing.

This is an interesting talk given by a notorious researcher in software testing, Prof. Jeff Offutt. It was given on 2010. However, it is still very insightful and really nice to watch:
He is really a brilliant researcher. He is demonstrating in this talk in a very nice way how useful and practical academic research can and should be. 

The US surveillance program PRISM is just something that have been known for years, as the french say a secret de polichinelle (open secret). You will find on the internet more information, comments, blog posts on this, like here, or here or here. 
My view on this subject is that with the popularity of social networks, the cloud service, all private information that was few years ago almost impossible to get is freely available on the social networks websites or on cloud providers data centers. Take for instance, the location based services (for users of twitter, facebook, android, ios, windows phone)  is really a gold mine for secret services, a dream come true. They are able to know location of millions of people around the work. As smartphones, social networks get more adopted by the world population (there is already one billion smartphone users and this stat is from last year!) , secret services will be able to monitor all these people on daily basis. 
A program like PRISM is in my opinion already outdated because there is much more to get easily from all the data available thanks to social networks and smartphones. The big issue is no more how to get this data but is how to sort it, how to find and locate the most relevant pieces among this huge amount of data.
Finally, we have to admit that privacy is almost dead and it is getting difficult to protect your privacy.

It made the news in almost all around the world. Apple maps is really badly tested, contains a lot of inaccurate maps/pictures. Many websites are making jokes and having fun showing a list of apple maps mistakes/bugs.
It is obvious this software was not tested right. It is really surprising because it seems that the basic concepts/methods of the software testing were not followed.
The basic testing approach would be to get some end-user tester perform system testing. At least, trying and running the application, trying it with famous and known locations.
This apple maps, I think will remain for a long time and the perfect example ever of what you should not do when testing an application.

I came across this website. It is citing some real examples of funny, hilarious paper reviews. This is always done during scientific conferences peer-review process. Other researchers in the same research field are invited to review and evaluate the quality of papers submitted to conferences. They choose to accept or reject the publication of the paper. 
In this website, there is a list of funny comments on submitted papers, read and judge by yourself:

• There is no experimental demonstration of your theorem.
• My name only appears in the Acknowledgements section where I could have signed this paper.
• You shoudl let a native english speaker reads the paper to checking the ortographe and gramar of the paper.
• Your contribution is so trivial that somebody must have published this somewhere already.
• I may have accepted your paper, but I had better things to do so I didn't read it.
• I had a headache just by looking at the data structures of your linear-time optimal algorithm. No doubt an exhaustive algorithm would be more efficient in practice.
• Reject: Figure 3 is unclear.
• Your research agenda is so outdated that your results are on a Wikipedia page already.
• Being 37% better than a complete moron does not make you a genius.
• This article does not deserve the paper and ink used to print it.
• In the future, don't waste your time writing articles manually. Use a generator such as http://pdos.csail.mit.edu/scigen/ to ensure they are gramatically correct, if not instructive.
• I can't believe the authors took the time to present, analyze and prove an algorithm for this middle-school problem.
• Honnestly, I really wonder whether this article is a joke or not. Anyway, I can assure you it gave me a good laugh and put me in a good mood for the rest of the day.
• The used notations are unclear and confusing. Since clear writing leads to clear thinking, I doubt that the authors really understood their own article.
• The only merit of this paper is to demonstrate all what you have to not do when writing an article.
• The practical effectiveness of the algorithm may be somewhat overstated since the experimental results prove its inability to fulfill its goals.
• Strengths: What are the major reasons to accept the paper? [Be brief.] I did not find strengths; I stopped reading the paper on page 12, so I may have missed something.
  
• This paper is original, well written and fully matches the topic, but its subject is so boring that I strongly recommend its rejection.
• Some Monthy Python sketches are far more logical than this paper.
• This paper needs a major rewrite to fix the English, make it more concise, explain clearly what exactly is the performance evaluation methodology, and how it is different from the obvious. (this one was seen for real as I was PC member...)

A new malware is spreading right now. It is an important threat since this malware is very similar to the famous Stuxnet malware (an interesting talk about analysing stuxnet). It installs a keylogger that records all the keystrokes and the system configuration, then encrypt all this data and stores then in an image.
To detect and remove this threat, you can use this tool.

Even google famous video sharing website Youtube is vulnerable to XSS attacks. The attack is surprisingly simple and I wonder why it has not been tried before.
Hackers were able to use this vulnerability during last days to redirect users to porn websites. 
XSS attacks are very difficult to protect against. Input filtering can never be the solution. What is needed in automated tools to systematically protect against this attack.