Application Security

Application Security news, information, and how-to advice

heartbleed
jetpack logo

heartbleed bug

Vendors and administrators scramble to patch OpenSSL vulnerability

Since news of the OpenSSL bug started to spread on Monday, administrators and vendors have made a mad scramble to patch the Heartbleed bug, named for the flawed implementation of the heartbeat option in the cryptographic library.

Microsoft tightens restrictions on adware on Windows PCs

Adware developers have a new set of Microsoft-imposed guidelines to follow

CDW Integrates with Google Apps for Cloud Collaboration

Through a partnership with Google and Esna Technologies, CDW has rolled out native access to the CDW Cloud Collaboration suite within Google Apps.

Zeus malware found with valid digital certificate

New version of notorious banking Trojan could avoid detection by browsers and anti-malware software

Forgotten risks hide in legacy systems

Investing in new tools and solutions and making sure they’re doing their job may be top-of-mind in your security department, but older, less-used systems could be quietly costing you money and putting you at risk

IE easily beats Chrome, Firefox, Safari in malware detection

Tests from NSS Labs indicate that IE has a 99.9 percent block rate for socially engineered malware

Just previewing email can give attackers control of your PC, Microsoft warns

Attackers are actively exploiting a newly discovered Microsoft Word vulnerability that could be used to gain remote access of your PC, Microsoft warned Monday--and even worse, the exploit can be triggered by opening or merely...

Gartner Magic Quadrant for Client Management Tools

The client management tool market is maturing and evolving to adapt to consumerization, desktop virtualization, and an ongoing need to improve efficiency.

Cybercrime trends point to greater sophistication, stealthier malware, more encryption

RAND Corp. report outlines evolution of cybercrime and emergence of more complex and evasive tools

msword

Latest Word zero-day similar to exploits in other targeted attacks

Exploits involved booby-trapped Rich Text Format file and Microsoft Outlook email

Teen cyberbullying grows with 'anonymous' social chat apps

Apps like Yik Yak, Whisper and Secret offer teens online anonymity, but experts say parents need to remind kids that the promise is bogus

Rogue apps could exploit Android vulnerability to brick devices

The only way to recover from such an attack involves wiping all user data from affected devices, researchers from Trend Micro said

Audit Ready and Asset Optimized: The Solid Promise of an Intelligent Software Asset Management Solution

In this paper Frost & Sullivan examines the benefits of enterprise-grade Software Asset Management solutions, and how these solutions serve as the convergence point for other endpoint management and control functions.

Microsoft warns Word users of ongoing attacks exploiting unpatched bug

Biggest worry, says expert, is that exploits are triggered just by previewing malicious messages in Outlook 2007, 2010 and 2013

A thin lifeline for XP users: New Malwarebytes suite will support the older OS

The new Anti-Malware Premium suite unites five technologies under a new interface, including a behavior-based detection engine.

Newest bug bounty touts $10K rewards, appeals for help in finding Flash flaws

Vulnerability broker mocks talk of "heroes" who find bugs

Microsoft tweaks privacy policies after email spying backlash

To track down a Windows 8 leaker Microsoft peeked inside a blogger's email account

Pragmatic Endpoint Management: Empowering an SMB Workforce in the Age of Mobility

Lacking the time for proper training and education, SMB administrators often resort to taking shortcuts to keep their environment running.This paper discusses the challenges of managing different endpoints in SMB-sized

Researchers find cross-platform RAT for Windows, Android

Android APK found in WinSpy, suggesting that hackers are seeking cross-platform RATs

Healthcare.gov: Proceed at your own risk

The government insists the Obamacare site is secure. But most experts disagree

Without proper security measures, smart homes are just begging to be targets

As they stand now, smart devices are exceedingly vulnerable to attack, and it's up to users to keep them from becoming a front door to their entire networks

Experts warn against judging Firefox on poor Pwn2Own performance

Researchers at annual hackfest discover four previously unknown vulnerabilities, but experts say that may not necessarily make it the least secure browser

Load More