Application Security

Application Security news, information, and how-to advice

holiday scam

Runaway Train

Google's work on full encryption chugs along, with Yahoo's help

Code has been migrated to GitHub to foster involvement from the wider tech community

121114 linux malware 1

A brief history of Linux malware

A look at some of the worms and viruses and Trojans that have plagued Linux throughout the years.

01 the year ahead

The biggest challenges faced by CIOs/CISOs heading into 2015

As the year winds to a close, CIOs and CISOs are faced with a number of challenges heading into 2015. CSO recently heard from several experts about the topic, each offering their opinion on what they feel would be the most important...

061014 patch tuesday

Microsoft Patch Tuesday addresses Exchange and Explorer flaws

Microsoft issued 7 security patches for the month


Google says bye bye, CAPTCHAs, well, mostly

Google announced that the company is trying to get rid of CAPTCHAs, those annoying barely readable, letters and numbers that prove to a website that you're not a robot or a spammer.

present gift snow holiday

Security executives reveal their holiday wish lists

Do you know any security executives who say they have everything they need to keep their organizations safe from threats? Chances are you don’t.

Cheapest tablets pose biggest security risks

The super-cheap Android tablets everyone bought on Black Friday and Cyber Monday could pose problems for enterprises when they arrive at the workplace after the holidays.

lighthouse night warning

How to maintain security in continuous deployment environments

If you wait till tomorrow to secure what continuous deployment took live yesterday, hackers will infect your application today!

Unlocked circuit board / security threat

Adobe tries again to fix Flash vulnerability

Malware authors found a way to continue to exploit a vulnerability patched last month


Easily exploitable bug in Wordpress

Over the weekend news began to spread that there was a new release of the juggernaut CMS software, Wordpress, to deal with a host of security issues. I’ve been using Wordpress now for almost 10 years. I rather enjoy this software...

pci security compliance

5 PCI Compliance gaps

With the holiday shopping season coming up, and crooks lining up to take advantage of the stress and confusion, this is a good time for merchants to review their payment security procedures.

us uk flags

Governments act against webcam-snooping websites

Insecam, which broadcast feeds from unsecured webcams, no longer works

windows 95

Microsoft fixes severe 19 year-old Windows bug found in everything since Windows 95

With help from IBM, Microsoft has patched a critical vulnerability that flew under the radar since the launch of Windows 95.


Mistaken identity: Indiana Dept. of Education hacked a second time

Late last week, the Indiana Department of Education was defaced for a second time; just days after attackers claiming to represent the Nigeria Cyber Army used a vulnerability in the website's CMS platform to initiate the first attack....


Drupal vulnerability blamed for problems at Indiana Dept. of Education

On Monday, Indiana's Department of Education glimpsed the dark side of patch management, after administrators discovered that their website had been defaced. The root cause of the defacement was their vulnerable Drupal installation,...

Students taking a test

Popular messaging apps fail EFF's security review

The organization ranked 39 digital communication tools based on security features and best practices


Google to kill off SSL 3.0 in Chrome 40

In the meantime, Chrome 39 will no longer support SSL 3.0 fallback for TLS connections


What you need to know about the Drupal vulnerability CVE-2014-3704

Do you use Drupal for your personal website? Does your company use Drupal? Can’t recall the last time it was patched? It is a safe bet to assume that you’ve already been compromised. Here's what to do next

Load More