August 13, 2015
Via: vulnerabilitiesElastica discovered an injection vulnerability in Salesforce which opened the door for attackers to use a trusted Salesforce application as a platform to conduct phishing attacks to steal end-users’ login credentials and hijack accounts. On August 10, Salesforce patched the […]
June 3, 2015
Via: mobile#google unveiled the developer preview of the next version of #android at its annual I/O developer conference last week, and there’s a big difference from previous versions in how it will handle user #data. Instead of forcing users to accept a long list […]
May 29, 2015
Via: vulnerabilitiesDuring his talk at the #hack in the Box conference, Alexey Tyurin, Head of the Oracle Security Department at ERPScan, spotlighted several vulnerabilities in Oracle PeopleSoft applications. Oracle is the second largest vendor on the ERP market, and its PeopleSoft is […]
May 28, 2015
Via: privacy-protectionUber Technologies is set to tweak its #privacy #policy so it can access a rider’s location when the Uber app is running in the background. The change in policy will also allow it to send special offers to users’ friends and […]
May 17, 2015
Via: vulnerabilitiesA Polish research group claims there are still several outstanding vulnerabilities in Google App Engines for Java, including three complete Java sandbox escapes. After three weeks of radio silence from Google, it decided to disclose on Friday the vulnerabilities, along […]
May 10, 2015
Via: mobile-securityA design constraint of #touch id limits its applicability to authorised actions on a device. Here’s what app developers and end users need to know. #apple‘s Touch ID recognises fingerprints and tells you whether the fingerprint on the sensor has […]
May 5, 2015
Via: application-securityThe gap between application builders (developers and development organizations) and defenders (security and operations teams responsible for securing apps) is closing slightly, according to SANS. “This year’s survey shows that builders and defenders are finding better ways of working together”, says […]
May 3, 2015
Via: cyber-crimeThe president of one of the world’s biggest computer security vendors says he is skeptical that a stronger government role in cyberdefense will abate the growing number of attacks. In an interview with IDG News Service, Amit Yoran, president of […]
May 3, 2015
Via: application-securityIn this podcast recorded at RSA Conference 2015, Wolfgang Kandek, CTO at #qualys, talks about the recently announced Qualys Web Application Firewall(WAF) version 2.0, that comes fully integrated with the Qualys Web Application Scanning solution (WAS). The new release includes virtual […]
April 28, 2015
Via: application-securityAt RSA Conference 2015 AppSense announced the release of AppSense Application Manager version 8.9. Application Manager 8.9 leverages AppSense’s decade-plus experience balancing desktop IT needs and user acceptance to accelerate initiatives that require scalable application control on any version of […]
April 22, 2015
Via: application-securityIf you can’t wait for that critical patch to secure your system from some just-discovered bug, IT security firm Qualys may have an answer through new security software that can secure the trouble spot until the patch arrives. The feature, […]
April 21, 2015
Via: cyber-crime#cyber attacks remain a persistent #threat and have become sophisticated in size and scope. DoS, SQL injections and cross-site scripting are the most common web #attack vectors, increasing in popularity. As migration to the #cloud continues and expands, companies today […]
April 15, 2015
Via: cloud-securityNetskope found that more than seven out of ten uploads from users with compromised accounts are to apps with a “poor” rating in the Netskope Cloud Confidence Index. Additionally, 21.6 percent of logins to the Salesforce app come from compromised […]
April 6, 2015
Via: mobile-securityGoogle has put some hard numbers behind the effectiveness of the security enhancements it has dropped into Android in the past year, and results show that things such as SE Linux (SE Android), Verify Apps and Safety Net have cut […]
March 29, 2015
Via: mobile-securityMobile malware is a growing problem, but researchers from University of Alabama at Birmingham have figured out a new way of detecting when shady mobile apps get up to no good, such as trying to call premium-rate numbers unbeknowst to […]
March 24, 2015
Via: mobileThe South Korean device maker is, for the first time, giving its customers access to #microsoft services and apps in its newest smartphones and tablets. At the same time, #samsung is allowing customers to strip away apps and bloatware they […]
March 17, 2015
Via: application-securityMore than two-thirds (67 per cent) of organizations admit that unauthorized #cloud applications are being implemented without IT’s knowledge or involvement, and correspondingly pose a #security risk to the #business. This is according to a snapshot poll by Centrify at […]
March 16, 2015
Via: threats-and-malwareIf you use the Internet, you have probably had to prove your identity by jumping through an extra hoop. Perhaps it was entering the code from a special app, or copying the code from a text message. But if that […]
March 11, 2015
Via: application-security#android apps that use #dropbox for #storage and are built using an older version of its #sdk are vulnerable to an attack that can steal data, although Dropbox has released a fix, according to IBM #security researchers.IBM’s #application security research […]