Top

Category: Application security


Application security, Mobile security

Mobile Financial Transactions Are Faster, But Are They Any Safer?

May 8, 2018

Via: Security Intelligence

In recent years the global payment landscape has undergone a seachange. Gone are the days where financial transactions impacted only core and branch banking. In the last few years, fintechs have opened previously unimaginable avenues for individuals and businesses alike. […]


Application security

Tens of Thousands of Malicious Apps Using Facebook APIs

May 2, 2018

Via: Threat Post

At least 25,936 malicious apps are currently using one of Facebook’s APIs, such as a login API or messaging API. These allow apps to access a range of information from Facebook profiles, like name, location and email address. Trustlook discovered […]


Application security, Mobile security

What to Do When a Memory Corruption on an Input String Generates a DoS

April 19, 2018

Via: Security Intelligence

We often think of vulnerabilities as complex technical problems that are difficult to discover and exploit. But if a special character, such as a foreign-language character, in an application running on a common operating system generates a memory corruption issue, […]


Application security

Don’t Trust Android OEM Patching, Claims Researcher

April 16, 2018

Via: Threat Post

Many Android device manufacturers are not telling the truth when they say they have patched phone vulnerabilities in new updates, researchers found. Karsten Nohl and Jakob Lell, researchers with Security Research Labs, told Threatpost they have tested the firmware on […]


Application security, Mobile security

Kaspersky Finds Crypto Miners in Android Apps Published on Google Play Store

April 6, 2018

Via: Softpedia

Security company Kaspersky has come across several Android apps published on the Google Play Store that come bundled with cryptocurrency miners. The Russian vendor says most of the apps were published in the sports section and offered capabilities like streaming […]


Application security, Cloud security

AWS Launches New Tools for Firewalls, Certificates, Credentials

April 5, 2018

Via: Security Week

Amazon Web Services (AWS) announced on Wednesday the launch of several tools and services designed to help customers manage their firewalls, use private certificates, and safely store credentials. Private Certificate Authority One of the new services is called Private Certificate […]


Application security

7 Deadly Security Sins of Web Applications

April 4, 2018

Via: Dark Reading

Web application attacks are on the rise, according to recent figures from Akamai, which logged a 10% increase in attacks from Q4 of 2016 to the same time period in 2017. “The vast majority of web application attacks are the […]


Application security, Vulnerabilities

Drupal to Patch Highly Critical Vulnerability This Week

March 26, 2018

Via: Security Week

Drupal announced plans to release a security update for Drupal 7.x, 8.3.x, 8.4.x, and 8.5.x on March 28, 2018, aimed at addressing a highly critical vulnerability. The Drupal security team hasn’t provided information on the vulnerability and says it won’t […]


Application security, Vulnerabilities

An Introduction to HTTP Response Headers for Security

March 23, 2018

Via: Security Intelligence

The world is becoming more interconnected every day, and online services like social media and e-commerce are contributing to massive troves of sensitive business and personal data. These developments introduce new risks and vulnerabilities for cybercriminals to exploit via cross-site […]


Application security

What is SQL injection? This oldie but goodie can make your web applications hurt

February 26, 2018

Via: CSO Online

SQL injection, or SQLi, is one of the least sophisticated web application security attacks that can give an adversary complete control over your web application database. Immortalized by “Little Bobby Drop Tables” in XKCD 327, SQLi was first discovered in […]