Application Security

Application Security news, information, and how-to advice

The solution for IoT security might be simpler than you think

What to do about the systemic risk of IoT devices that spawned the Mirai Botnet

Rust language revs up compiler speed

Rust 1.13 is out, but it's marred by a 'serious' bug in ARM code generation

Linux Foundation doubles down on support for tamper-free software

The Reproducible Builds Project is designed to ensure binaries built from open source projects have not been tampered with

Adobe fixes flaws in Flash Player and Adobe Connect

The Flash Player patches address nine critical vulnerabilities

Cybersecurity Awareness Month: Shedding light on application security

Debunking application security fallacies for Cybersecurity Awareness Month

Flaw in Intel CPUs could help attackers defeat ASLR exploit defense

A feature in Intel's Haswell CPUs can be abused to reliably defeat an anti-exploitation technology that exists in all major operating systems, researchers have found.

The era of nine-digit defects

For big business, IT and software risk can result in nine-digit defects. These are the massive outages we read about in the news that cause big consumer headaches and sometimes cost CTOs, CIOs and CEOs their jobs. Better adherence to...

12 hardware and software vulnerabilities you should address now

Hardware and software that live past their end-of-life dates pose serious risks to organizations. Find out which assets you should update, upgrade, or replace ASAP

Security for your collaborative software

Collaborative apps like Slack and Convo are like a sieve, but no one quite knows what to do about it

Microsoft opens up its 'million dollar' bug-finder

Project Springfield, which includes Microsoft's in-house testing technology for Windows and Office apps, uses whitebox fuzzing technology to sniff out flaws that could lead to crashes

What’s in your code? Why you need a software bill of materials

When developers and suppliers carefully list the tools used to build an application and what third-party components are included, IT can improve software patching and updates

Microsoft bug bounty program adds .Net Core and ASP.Net Core

The company will pay researchers up to $15,000 for critical vulnerabilities found in these software development platforms

Flip Feng Shui attack on cloud VMs exploits hardware weaknesses

A sneaky attack on neighboring VMs in a cloud can be executed via the infamous Rowhammer memory-altering vulnerability, say security researchers

5 keys to conquering container security

Containers present a golden opportunity to bake security into development and operations processes; let’s seize it

Cisco patches critical exposure in management software

Vulnerability in Cisco Unified Computing System (UCS) Performance Manager software could let an authenticated, remote attacker execute commands

Oracle issues largest patch bundle ever, fixing 276 security flaws

The new batch of security updates addresses flaws in over 80 products

Serious flaw fixed in widely used WordPress plug-in

The persistent XSS vulnerability could allow the hijacking of admin accounts

When your security products are insecure: Takeaways from the Symantec disclosure

A reaction to the recent vulnerability disclosure in Symantec products, explaining why they are not a surprise
