Because of employees' increasing demands to use mobile devices at work, NIST's latest special publication provides organizations with a process to implement a mobile app vetting process.
Adobe confirms that a zero-day flaw exists in its Flash browser plug-in and promises to soon release Windows, Mac and Linux fixes for affected versions of Flash Player. The vulnerability is reportedly already being targeted by in-the-wild attacks.
The OpenSSL Heartbleed bug hasn't died, with recent scans still finding 250,000 Internet-connected systems that remain vulnerable. Security experts recommend enterprises expand their patching efforts to find devices with embedded firmware that contain the flaw.
Last year, a number of application vulnerabilities led to compromises of many organizations' systems, serving as an important reminder that application security is vital to any breach prevention effort. Here, experts offer four app security tips.
Nobody wants to be a cyber-attacker's first victim. But there are benefits to being second or third, says Akamai's Mike Smith. Then you get to enjoy the true benefits of the oft-discussed information sharing.
Nobody wants to be a cyber-attacker's first victim. But there are benefits to being second or third, says Akamai's Mike Smith. Then you get to enjoy the true benefits of the oft-discussed information sharing.
Did you know 59% of people fail to store their passwords securely?
With users connecting to unsecured public networks and running multiple applications from both company and personal devices, sensitive corporate data is more vulnerable than ever before. For your security policies to be effective, they need to bring...
A year after Facebook received a bug report regarding a loophole in its app architecture, the vulnerability remains exploitable, says the researcher who discovered this potential threat to user privacy.
In this post Target/Home Depot breach era, Application Security programs still seem to struggle at organizations of all sizes. The reasons for this 'mediocre' success range from mis-alignment between information security and application development groups to simply the lack of resources available for identification...
Mobile banking is growing out of its infancy and experts predict it will soon be the dominant banking and payments channel. With the vast array of endpoints being utilized, and multiple threat vectors being introduced, how are the threats of rogue mobile apps, mobile malware and SMiShing evolving? What vectors are...
Part 1 - Leveraging Global Threat Intelligence to Secure Mobile Banking
To secure our growing dependence on mobile devices, it is critical that we keep a constant eye on the current threat landscape. Only by continuously monitoring and analyzing malicious activity can an appropriate defense be crafted. There are...
As news of the Shellshock bug continues to spread, CISOs in all sectors are taking steps to mitigate the risks posed by the vulnerability. Likewise, regulators and industry groups have ramped up dissemination of alerts.
Attackers have exploited the Shellshock vulnerability - a.k.a. Bash bug - to infect at least 700 Linux systems with malware that includes the ability to launch DDoS attacks. Users of Unix systems are vulnerable.
To mitigate the newly discovered Bash bug - AKA Shellshock - which may make millions of systems vulnerable to remote takeover, organizations must take several key steps, says security expert Alan Woodward.
As more organizations accommodate employees' demands to use mobile devices, ensuring the security of the applications on those smart phones and tablets has become critical. That's why NIST is developing new apps testing guidance.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.
