Application Security

Application Security news, information, and how-to advice

code vulnerability software
20151027 openworld oracle cloud signs

Ubuntu China

Flaw in vBulletin add-on leads to Ubuntu Forums database breach

Ubuntu support forums users should be on the lookout for dodgy emails after the website's database of 2 million email addresses has been stolen.

microsoft headquarters

Microsoft fixes critical vulnerabilities in IE, Edge, Office, and Windows print services

Microsoft's new batch of security patches fixes 47 vulnerabilities across its products, including in Internet Explorer, Edge, Office, Windows and the .NET Framework.

pokemon go app phone

Pokémon Go’s data collection provokes privacy concerns by US Senator

U.S. Senator Al Franken, a strong privacy advocate, has raised the inevitable question about the privacy of the extensive data the game collects from its users, including children, and whether the data is used for other purposes.

Pokemon Go

Experts say Pokémon Go exposes players to security and privacy risks

Last week, Pokémon Go was officially released in the U.S. and players downloaded the application in droves. Overall, gamers are reporting a mostly positive experience, after a few server issues, but security experts warn that the app...

wordpress logo 8

Serious flaw fixed in widely used WordPress plug-in

The latest version of the All in One SEO Pack plug-in for WordPress fixes a flaw that could be used to hijack the site's admin account.

fingers keyboard code hands programming

Enterprise software developers continue to use flawed code in apps

Companies that develop enterprise applications download over 200,000 open-source components on average every year and one in every sixteen of those components has security vulnerabilities.

dlink dcs 930l camera webcame wireless

Code reuse exposes over 120 D-Link devices models to hacking

A recently discovered vulnerability in a D-Link network camera exists in over 120 different D-Link products and allows attackers to remotely take over the affected devices.

bugs

Researchers add software bugs to reduce the number of… software bugs

A new strategy for training bug-finding tools could help catch more vulnerabilities.

lenovo thinkpad

Lenovo ThinkPwn UEFI exploit also affects products from other vendors

A critical vulnerability that was recently found in the low-level firmware of Lenovo ThinkPad systems also reportedly exists in products from other vendors including HP and Gigabyte Technology.

2015 jeep cherokee car hacking

Is your car secure? Maybe not, but enterprise users can still learn something

If you're looking for a good lesson in enterprise security, there might be a few sitting in the parking lot. The automotive field is a glaring example of "worst practices" in security, say several automotive experts. And, the problem...

endpoint security tools 1

Web security guru: Focus on ransomware, SDLC, and endpoints

The noted web security guru worries that the key web and application threats aren't getting the right level of focus

trojan horse wooden

This mobile Trojan from China fills your phone with porn apps

Malware that secretly installs porn apps on your phone is infecting devices by the millions, becoming the world’s largest mobile Trojan.

worms virus symantec

Wormable flaws in Symantec products expose millions of computers to hacking

A Google security researcher has found high severity vulnerabilities in enterprise and consumer products from antivirus vendor Symantec that could be easily be exploited by hackers to take control of computers.

mobile enterprise apps

Dangerous keyboard app has more than 50 million downloads

The Flash Keyboard app has been downloaded more than 50 million times -- but is capable of some extremely dangerous behaviors.

online security hacker

A pen test a day keeps hackers away

Penetration testing has evolved from a nice to have test to a mandatory test, Besides compliance a PEN test will tell you just how secure your organizations data really is. Your network is being scanned and attacked daily, don't wait...

cctv

Thousands of hacked CCTV devices used in DDoS attacks

Attackers have compromised more than 25,000 digital video recorders and CCTV cameras and are using them to launch distributed denial-of-service (DDoS) attacks against websites.

Easy Everyday Encryption

Study: Encryption use increase largest in 11 years

Enterprise use of encryption saw the largest increase over the past year in over a decade, according to a report released today by the Ponemon Institute

20160224 stock mwc lenovo booth sign

Lenovo patches two high severity flaws in PC support tool

Lenovo has fixed two high severity vulnerabilities in its Lenovo Solution Center support tool that is preinstalled on many laptop and desktop PCs.

Load More