Application Security

Application Security news, information, and how-to advice

Oracle releases 136 security patches for wide range of products

The company has adopted the new CVSS 3.0 vulnerability rating system, resulting in a larger number of flaws rated as high and critical

19 open source GitHub projects for security pros

GitHub has a ton of open source options for security professionals, with new entries every day. Add these tools to your collection and work smarter

Uninstall QuickTime for Windows now!

iTunes for Windows is still OK, but QuickTime is serious bug bait and Apple is no longer providing security updates

Adobe fixes 24 vulnerabilities in Flash Player, including an actively exploited one

The new Flash Player update squashes a bug that hackers have been using to infect computers with ransomware

Massive application-layer attacks could defeat hybrid DDoS protection

Security researchers have recently observed a large application-layer distributed denial-of-service attack using a new technique that could foil DDoS defenses and could spell trouble for website operators.

Adobe to issue emergency patch for Flash vulnerability

The patch for a critical flaw that attackers are reportedly exploiting could come as soon as Thursday

Three-year-old IBM patch for critical Java flaw is broken

Attackers can easily bypass the patch to exploit a vulnerability that allows them to escape from the Java security sandbox

Third-party Web UI for Docker has major security flaws

Major vulnerabilities found in third-party DockerUI product indicate that Web apps for vertical audiences aren't always security conscious

It's time for security spring cleaning

With the day-to-day activities, older security products and software often get set aside even if they're no longer in use


How to fight off a zombie app-ocalypse

If zombie apps are attacking your company, you need to hire an application assassin

Two-year-old Java flaw re-emerges due to broken patch

A patch released by Oracle in 2013 can be easily bypassed to attack the latest Java versions, security researchers said

Attackers can turn Microsoft's exploit defense tool EMET against itself

Exploits can trigger a specific function in EMET that disables all protections it enforces for other applications

Israeli cybertech startups set global security trends

The Cybertech 2016 conference took place in Tel Aviv, where Israeli startups showcased their latest innovations and technologies in combating global cyber security threats

5 tips to protect your admin credentials

Credentials are the main battlefront in our ongoing computer security war. Deploy everything you have to keep them safe

Increasingly popular update technique for iOS apps puts users at risk

JSPatch could allow malicious developers to bypass Apple's strict application review process and access restricted iOS functions

Critical vulnerabilities patched in Magento e-commerce platform

Stored XSS bugs could let hackers hijack administrative accounts

Serious flaw patched in Intel Driver Update Utility

The flaw could allow man-in-the-middle attackers to install malware on computers

Researcher finds fault in Apple's Gatekeeper patch

Synack's Patrick Wardle says Gatekeeper can still be tricked into letting malware run
