Application Security

Application Security | News, how-tos, features, reviews, and videos

This tool can help weed out hard-coded keys from software projects

Truffle Hog can find access tokens and keys that are 20 characters or longer inside source code repositories

MongoDB ransomware attacks sign criminals are going after servers, applications

Ransomware is lucrative, and attackers looking for new ways to extort enterprises are going after data stored on web and app servers, even SaaS apps

Why companies offer a hacking bounty -- and why there are challenges

Major companies like Apple, Uber, and Yelp regularly offer bounties -- some as high as $200,000 -- but there can be drawbacks

Exposed MongoDB installs being erased, held for ransom

Administrators should check their MongoDB deployments before they’re wiped clean

Remote management app exposes millions of Android users to hacking

Man-in-the-middle attackers could exploit an AirDroid flaw to execute malicious code on devices

CERT to Microsoft: Keep EMET alive

Windows systems with Enhanced Mitigation Experience Toolkit properly configured are more secure than a standalone Windows 10 system, says CERT

Rust language revs up compiler speed

Rust 1.13 is out, but it's marred by a 'serious' bug in ARM code generation

Linux Foundation doubles down on support for tamper-free software

The Reproducible Builds Project is designed to ensure binaries built from open source projects have not been tampered with

Adobe fixes flaws in Flash Player and Adobe Connect

The Flash Player patches address nine critical vulnerabilities

Flaw in Intel CPUs could help attackers defeat ASLR exploit defense

A feature in Intel's Haswell CPUs can be abused to reliably defeat an anti-exploitation technology that exists in all major operating systems, researchers have found.

The era of nine-digit defects

For big business, IT and software risk can result in nine-digit defects. These are the massive outages we read about in the news that cause big consumer headaches and sometimes cost CTOs, CIOs and CEOs their jobs. Better adherence to...

12 hardware and software vulnerabilities you should address now

Hardware and software that live past their end-of-life dates pose serious risks to organizations. Find out which assets you should update, upgrade, or replace ASAP

Security for your collaborative software

Collaborative apps like Slack and Convo are like a sieve, but no one quite knows what to do about it

Microsoft opens up its 'million dollar' bug-finder

Project Springfield, which includes Microsoft's in-house testing technology for Windows and Office apps, uses whitebox fuzzing technology to sniff out flaws that could lead to crashes

Microsoft bug bounty program adds .Net Core and ASP.Net Core

The company will pay researchers up to $15,000 for critical vulnerabilities found in these software development platforms

Flip Feng Shui attack on cloud VMs exploits hardware weaknesses

A sneaky attack on neighboring VMs in a cloud can be executed via the infamous Rowhammer memory-altering vulnerability, say security researchers

5 keys to conquering container security

Containers present a golden opportunity to bake security into development and operations processes; let’s seize it

Cisco patches critical exposure in management software

Vulnerability in Cisco Unified Computing System (UCS) Performance Manager software could let an authenticated, remote attacker execute commands

Oracle issues largest patch bundle ever, fixing 276 security flaws

The new batch of security updates addresses flaws in over 80 products

Serious flaw fixed in widely used WordPress plug-in

The persistent XSS vulnerability could allow the hijacking of admin accounts
