Application Security

Application Security news, information, and how-to advice


A recently patched Flash Player exploit is being used in widespread attacks

It took hackers less than two weeks to integrate a recently patched Flash Player exploit into widely used Web-based attack tools that are used to infect computers with malware.


A critical flaw in Symantec antivirus engine puts computers at risk of easy hacking

The antivirus engine used in multiple Symantec products had an easy-to-exploit vulnerability that could have allowed hackers to easily compromise computers.


Web application security risks: Accept, avoid, mitigate or transfer?

Web application security is a very hot topic these days. What shall CISOs do with the related risks?


5 ways Microsoft has improved SharePoint security

Revamped SharePoint platform enables more granular security controls, hybrid cloud and on-premise auditing, and BYO encryption keys


Flash Player update fixes zero-day vulnerability and 24 other critical flaws

Adobe Systems has released a security update for Flash Player in order to fix a publicly known vulnerability, as well as 24 privately reported security flaws.


Dangerous 7-Zip flaws put many other software products at risk

Two vulnerabilities recently patched in 7-Zip could put many software products and devices that bundle the open-source file archiving library at risk of compromise.


Popular messaging apps present real enterprise threat

CIOs and other IT professionals need to strategically manage the use of today's popular consumer messaging apps in the enterprise. While that process can be a challenge, it's possible to protect your business without blocking all...


Yahoo Mail and Google App Engine banned over malware concerns

The IT department of the U.S. House of Representatives has blocked access to Yahoo Mail and the Google App Engine platform due to malware threats.


US sounds alarm after SAP bug found affecting multinationals

The U.S. government is warning major corporations to check the configuration of their SAP software systems after a computer security company discovered at least 36 global enterprises were still vulnerable to a significant bug that had...


SAP bug returns to cause mischief

After spending about two decades in the trenches I ran across all sorts of IT implementations. One of the ones that always caused me some heartburn was SAP. The running joke that I heard more than a few times was that when you...


Hackers exploit unpatched Flash Player vulnerability, Adobe warns

Adobe Systems is working on a patch for a critical vulnerability in Flash Player that hackers are already exploiting in attacks, but has released other security patches for Reader, Acrobat and ColdFusion.


ImageMagick vulnerabilities place countless websites at risk, active exploitation confirmed

Tuesday afternoon, Slack security engineer Ryan Huber posted a brief warning on Medium surrounding vulnerabilities in ImageMagick, an image manipulation suite installed on millions of web servers. These flaws, which are being actively...


Five most common myths about Web security

Running behind trendy APTs, we tend to forget about the common-sense approach and holistic risk assessment.


Why you need DRM for your documents

From protecting merger discussions to everyday document management, enterprise DRM is a mature, mainstream enterprise technology. So why aren’t more companies using it?


Is a truce possible in the ad-blocking war?

Online advertisers and ad-blocking software makers don’t have much nice to say about one another. But amid the antagonistic rhetoric, both sides agree there is room for compromise – by making the user experience a priority.


In the digital enterprise, everyone is a security newb

The responsibility of securing the extended network falls on more than just the security practitioners.

Hackers can track your whereabouts with Waze vulnerability

Researchers from UC-Santa Barbara were able to reproduce the hack by creating thousands of ghost drivers to monitor the whereabouts of the target.


Facebook bug hunter stumbles on backdoor left by... another bug hunter

A researcher found a PHP-based backdoor installed by a hacker on one of Facebook's corporate servers, but all was not as it seemed.
