Application Security

Application Security news, information, and how-to advice

A critical flaw in Symantec antivirus engine puts computers at risk of easy hacking

The flaw could be exploited by simply sending a malicious email or tricking users to visit a link

5 ways Microsoft has improved SharePoint security

Revamped SharePoint platform enables more granular security controls, hybrid cloud and on-premise auditing, and BYO encryption keys

Mozilla wants US to disclose to it first any vulnerability found in Tor by government hackers

Mozilla says it wants to check if the vulnerable code is found in Firefox code

US sounds alarm after SAP bug found affecting multinationals

The bug was patched by SAP over five years ago, but many systems remain vulnerable

Hackers exploiting unpatched Flash Player vulnerability, Adobe warns

Adobe releases updates for Reader, Acrobat, and ColdFusion, but is still working on the Flash Player patch

Docker Security Scanning helps root out container vulnerabilities

The newest addition to Docker Cloud flags vulnerabilities in containers before they ever make it into production

Attackers are probing and exploiting ImageTragick flaws

Security companies have observed attacks trying to exploit recently disclosed remote code execution flaws in the ImageMagick Web server library

You too? Who's on the hacker hit list

You don’t need to carry the keys to the enterprise network to have a malicious hacker tail you. Here’s who’s at risk and what to do about it

Lenovo patches serious flaw in pre-installed support tool

The flaw could allow attackers to gain higher privileges on compromised computers

Linux Foundation tackles open source security with new badge program

The Core Infrastructure Initiative's Best Practices Badge program will help businesses identify which open source projects follow a security-focused methodology

4 projects ripe for a Rust rewrite

As Rust matures, projects aimed at reimplementing existing software in a language built for safety become more practical -- and more numerous

Facebook bug hunter stumbles on backdoor left by hackers

The backdoor script stole Facebook employee credentials from a corporate server

Oracle security update includes Java, MySQL, Oracle Database fixes

Several vulnerabilities in Oracle's quarterly patch release are considered critical and could be remotely exploited

Oracle releases 136 security patches for wide range of products

The company has adopted the new CVSS 3.0 vulnerability rating system, resulting in a larger number of flaws rated as high and critical

19 open source GitHub projects for security pros

GitHub has a ton of open source options for security professionals, with new entries every day. Add these tools to your collection and work smarter

Uninstall QuickTime for Windows now!

iTunes for Windows is still OK, but QuickTime is serious bug bait and Apple is no longer providing security updates

Adobe fixes 24 vulnerabilities in Flash Player, including an actively exploited one

The new Flash Player update squashes a bug that hackers have been using to infect computers with ransomware

Massive application-layer attacks could defeat hybrid DDoS protection

Security researchers have recently observed a large application-layer distributed denial-of-service attack using a new technique that could foil DDoS defenses and could spell trouble for website operators.