Software Vulnerabilities February 28, 2015 IBM Application Security on Cloud Saves the Day 2 min read - With AppScan Mobile Analyzer, IBM found vulnerabilities in the Apache Cordova framework for mobile apps that enabled a remote drive-by exploitation attack.
February 26, 2015 Researchers: Adtrustmedia’s PrivDog Advertising Software Leaves Some Users at Risk 2 min read - PrivDog, the advertising software offered by Adtrustmedia, may be breaking SSL security in ways that compromise user security.
Software Vulnerabilities February 19, 2015 Broken Web Browsers: Malware’s New Address? 3 min read - More than 75 percent of enterprises have been infiltrated by browser-borne malware. What steps can companies take to protect against broken Web browsers?
Software Vulnerabilities January 29, 2015 Ghost in the Machine: Linux Zero-Day Vulnerability Opens Door for Attack 3 min read - A Linux zero-day vulnerability, dubbed "Ghost," was recently discovered. It lets malicious code execute on servers that use the glibc functionality.
January 26, 2015 Thousands of Internet-Connected Automated Tank Gauges Vulnerable to Attacks 3 min read - Thousands of Internet-connected automated tank gauges are vulnerable to attacks because they are connected to the Internet without password requirements.
January 16, 2015 Google Stops Android Patches for Older Versions, Puts Millions of Smartphone Users at Risk 2 min read - Google has reportedly decided to stop issuing Android patches for older versions of the operating system, putting millions of smartphone users at risk.
January 12, 2015 Pastebin a Convenient Way for Cybercriminals to Remotely Host Malware 2 min read - Experts say cybercriminals are using a popular online repository called Pastebin to act as a remote server for hosting malware aimed at WordPress users.
January 7, 2015 Intel, Two Others Patch Firmware Vulnerability 2 min read - Intel and two other vendors have reportedly patched a firmware vulnerability that can affect some Unified Extensible Firmware Interface (UEFI) systems.
Application Security December 26, 2014 The Responsible Disclosure Policy: Safeguard or Cybercriminal Siren Song? 3 min read - Having a responsible disclosure policy is the best way to communicate software vulnerabilities to the public. However, is this doing more harm than good?
CISO December 23, 2014 Failure to Plan Is a Plan for Failure When It Comes to Security 3 min read - With major security events happening in 2014, including Heartbleed and Sony's hack, what can companies do to plan ahead and protect themselves from hacks.