Application Security

Application Security news, information, and how-to advice

00 title
app malware

android for work mobileiron

Google steps up its BYOD game; looks to secure more than a billion mobile devices

On Wednesday, Google officially launched Android for Work, which was announced last June at its I/O conference. The aim is to offer businesses a stopgap that addresses BYOD needs, including secured access to sensitive data and OS...

Oculus VR

Are metaverse pioneers making the same old security mistakes?

Ask security pros what they would change about the Internet if they could go back in time knowing what they know now, and most can point to a list of mistakes we could have avoided. But according to some experts, we're still making...

ssl secure browser security lock

Comodo's PrivDog advertising software leaves some users at risk

PrivDog, Comodo's advertising replacement software, has been flagged by researchers as a risk due to the way it handles SSL connections (HTTPS). Like Superfish, PrivDog breaks the trust and protection of HTTPS by using its own...

lenovo a10 bluetooth keyboard 1

Spin and FUD: Superfish CEO says software presents no security risk

In a statement to Ars Technica, Adi Pinhas, CEO of Superfish Inc. said his company's pre-installed advertising software on Lenovo PCs poses no security risk – despite clear evidence otherwise.

Lenovo Y50 gaming laptop

Lenovo says Superfish problems are theoretical, but that simply isn't the case

On Thursday, the world woke to the news that commercial-grade Lenovo PCs were being shipped from the factory with adware pre-installed on the system. Designed to provide a visual shopping experience, the software is insecure and...

Lenovo Y40 Gaming PC

FAQ: How to find and remove Superfish from your Lenovo laptop

Lenovo has shipped consumer PCs with software designed to offer a visual shopping experience, but in reality it's adware that breaks HTTPS online – leaving customers vulnerable to attack and information theft. Here’s how to determine...

patch band-aid bandage broken fix

January marked by Java, Flash vulnerabilities

Newly-disclosed vulnerabilities in Flash and Java were the ones to watch out for this winter, according to a new report by Copenhagen-based security firm Secunia.

first-aid medicine cure patch remedy

Report: Microsoft packing more patches into fewer bulletins

Microsoft is packing more common vulnerability exposures into its critical bulletins, according to a new report.

0 title

Romancing development: How to avoid feeling vulnerable with open source

Black Duck Software presents 5 tips for a secure enterprise relationship with open source.

win 10 large start

Critical vulnerability in Group Policy puts Windows computers at risk

The design flaw took more than a year to patch and even then Windows Server 2003 was left out

box ipo

Box fixes flaw in Mac desktop Sync app

Online file storage and sharing service Box has patched the Mac version of its desktop app after a developer found it exposed potentially sensitive bits of data, including API keys, internal user IDs, URLs and passwords.

medical stethoscope 101922589

Hackers target health care as industry goes digital

With more health providers and insurers incorporating IT into clinical care, hackers are viewing the health care industry as their next target.

knight

The trick to vanquishing 0 days that have become 100 days

We have now arrived in the theatre of the absurd. Collectively we use things like Adobe Flash, Acrobat and Java on our systems everyday. We use software that is flawed at its very core in our jobs, schools and home life. Then...

windows xp bliss start screen

CSO50 2015: When Windows XP ends, life must go on for research systems

Quintiles develops a risk mitigation strategy for critical business applications.

Adobe confirms patch for newest zero-day vulnerability

A malicious advertising campaign on Dailymotion.com, has led to thousands of infections due to the use of a Flash Player vulnerability that's currently without a patch.

Scary ghosts haunted scream

'Ghost' vulnerability poses high risk to Linux distributions

The flaw in the GNU C Library can be exploited remotely for full control, according to Qualys

internet security with lock

6 DNS services protect against malware and other unwanted content

A good DNS service can protect users from a variety of unwanted Web intruders, including phishing sites and botnets. We look at six of them.

Java programming language

Java is the biggest vulnerability for US computers

Oracle's Java poses the single biggest security risk to US desktops because of its penetration rate, number of vulnerabilities, and patch status, says a new report

Load More