Application Security

Application Security news, trend analysis and opinion

Pwn2Own 2017: Your stuff as mincemeat

Security teams gathered at Pwn2Own 2017 to hack your favorite software and found plenty of bugs, proving nothing is foolproof.

Adobe Reader, Edge, Safari, and Ubuntu fall during first day at Pwn2Own

During the first day of the Pwn2Own hacking contest, security researchers successfully demonstrated exploits against Microsoft Edge, Apple's Safari, Adobe Reader, and Ubuntu Desktop.

How much are vendor security assurances worth after the CIA leaks?

Google, Apple, Microsoft and other software vendors are working to identify and patch the vulnerabilities described in the CIA leak, but ultimately this doesn't change the status quo of software security.

Protecting the enterprise against mobile threats

Mobile devices have transformed the digital enterprise, allowing employees to access the information they need to be most productive from virtually anywhere. Has that convenience come at a cost to enterprise security, though?

Hackers exploit Apache Struts vulnerability to compromise corporate web servers

Attackers are widely exploiting a recently patched vulnerability in Apache Struts that allows them to remotely execute malicious code on web servers.

7 ways to improve your Joomla security

Follow these steps to secure your Joomla website and protect its visitors.

Microsoft paying a bug bounty of $30,000

Microsoft doubles its bug bounty to up to $30,000 for serious bugs in certain Microsoft services. The bounty runs through May 31, 2017.

Checklist for choosing a small cloud host or ISP

Use this checklist to select a cloud host or ISP—and prevent future problems.

HackerOne offers bug bounty service for free to open-source projects

HackerOne, the company behind one of the most popular vulnerability coordination and bug bounty platforms, has decided to make its professional service available to open-source projects for free.

Google discloses unpatched IE vulnerability after Patch Tuesday delay

Google's Project Zero team has disclosed a potential arbitrary code execution vulnerability in Internet Explorer because Microsoft has not acted within Google's 90-day disclosure deadline.

7.4% of software on PCs are past end of life

Research shows 7.4 percent of software on PCs is past end of life, meaning it's no longer patched and is vulnerable to exploitation.

What is OWASP, and why it matters for AppSec

Boost your application security (AppSec) with the Open Web Application Security Project (OWASP) guidelines.

Breaking through the cybersecurity bubble

At the recent RSA cybersecurity conference, interoperability and cooperation were a common theme, but not everyone is taking it seriously.

8 steps to regaining control over shadow IT

Learn how to discover those employees who went roaming for outside services.

3 new information security jobs for the digital enterprise

With digitization come 3 new IT roles: strategic consultant, product security specialist and dedicated application developer.

JavaScript-based ASLR bypass attack simplifies browser exploits

Researchers have devised a new attack that can bypass address space layout randomization (ASLR) in browsers and possibly other applications.

Hackers show no mercy—even for pot dispensaries

Anatomy of a national point-of-sale hack and takedown of more than 1,000 marijuana dispensaries

Why managing trust is critical for digital transformation

Businesses planning on staying ahead in digital transformation find traditional methods used to establish trust in the physical world fall short in the digital world.
