Category: Application security

Application security

What is SQL injection? This oldie but goodie can make your web applications hurt

February 26, 2018

Via: CSO Online

SQL injection, or SQLi, is one of the least sophisticated web application security attacks that can give an adversary complete control over your web application database. Immortalized by “Little Bobby Drop Tables” in XKCD 327, SQLi was first discovered in […]

Access control, Application security

OpenSSL alpha adds TLS 1.3 support in the alpha version of OpenSSL 1.1.1

February 16, 2018

Via: Security Affairs

OpenSSL adds TLS 1.3 (Transport Layer Security) supports in the alpha version of OpenSSL 1.1.1 that was announced this week. OpenSSL adds TLS 1.3 supports in the alpha version of OpenSSL 1.1.1 that was announced this week. TLS protocol was […]

Access control, Application security

Scary apps on Google Play, and what to do about them

February 14, 2018

Via: Kaspersky Blog

Jane, the mother of seven-year-old Samantha, was in the next room when she heard a horrible voice coming from the smartphone her daughter was playing with. She came running into the room as the voice continued: “You look afraid, is […]

Application security

Google Says It Banned 700,000 Android Apps Last Year

January 31, 2018

Via: Softpedia

Google removed more than 700,000 Android apps from the Google Play Store last year, according to statistics provided by Andrew Ahn, Product Manager, Google Play, and this represents an increase of 70% over 2016. Ahn says no less than 99% […]

Application security, Security, Threats & Malware, Vulnerabilities

On Saturday Malwarebytes delivered a buggy update that caused excessive memory usage and crashes.

January 29, 2018

Via: Security Affairs

On Saturday Malwarebytes issued a buggy update to its home and enterprise products that caused serious problems for the users, including excessive memory usage, connectivity issues, and in some cases system crashes. A buggy update rolled out over the weekend […]

Application security, Cloud security

PureSec Emerges From Stealth With Security Product for Serverless Apps

January 17, 2018

Via: Security Week

Tel Aviv, Israel-based startup PureSec emerged from stealth mode on Wednesday with a security platform designed for serverless architectures and a guide that describes the top 10 risks for serverless applications. Founded by Shaked Zin (CEO), Avi Shulman (VP of […]

Application security, Vulnerabilities

BlackBerry Launches Security Product for Automotive, Other Industries

January 16, 2018

Via: Security Week

BlackBerry announced on Monday the launch of Jarvis, a new cybersecurity service designed to help companies in the automotive and other sectors find vulnerabilities in their software. Jarvis has been described by BlackBerry as a cloud-based static binary code analysis […]

Application security

Security Flaws Found in Majority of SCADA Mobile Apps

January 11, 2018

Via: Security Week

Researchers from IOActive and Embedi have conducted an analysis of SCADA mobile applications from 34 vendors and found vulnerabilities in a vast majority of them, including flaws that can be exploited to influence industrial processes. Two years ago, researchers Alexander […]

Application security, Security

Browser data leakage bug – Mozilla to delete info just in case

January 2, 2018

Via: Naked Security

Mozilla published an unexpected security patch this week, bumping Firefox up to version 57.0.3. (You probably weren’t expecting a browser update between Christmas and New Year, but it’s good to know that security fixes don’t take second place in holiday season.) […]

Application security, Mobile security

What’s in your Android’s December security update?

December 14, 2017

Via: Naked Security

At the beginning of the month, Android relased two new security bulletins for December, with Google noting that Android users who can update this month should patch as soon as possible to receive mitigations and fixes for 47 vulnerabilities across all […]