Category: Application security

Application security, Security

Wake up! Identify API Vulnerabilities Proactively, From Code Back to Production

July 23, 2021

Via: The Hacker News

After more than 20 years in the making, now it’s official: APIs are everywhere. In a 2021 survey, 73% of enterprises reported that they already publish more than 50 APIs, and this number is constantly growing. APIs have crucial roles […]

Application security, Security, Threats & Malware, Vulnerabilities

SolarWinds Issues Patches in Wake of Zero-Day Attacks

July 13, 2021

Via: DataBreach Today

Attackers have been exploiting a newly discovered zero-day flaw in SolarWinds software, the security vendor has warned. The vulnerability exists in Serv-U Managed File Transfer Server and Serv-U Secured FTP. SolarWinds has urged all users to immediately install an emergency […]

Application security, Security

Botnet attacks on APIs: Why most companies are unprepared

June 29, 2021

Via: CSO Online

As companies move applications to the cloud and expose functionality via application programming interfaces (APIs), criminals have been moving quickly to take advantage of this newly exposed attack surface. By using botnets, they can dramatically increase the reach and effectiveness […]

Application security, Mobile, Mobile security, Security

IoT Security: Thieves Are Targeting Smart Cameras — Here’s How To Stop Them

June 3, 2021

Via: Security Intelligence

Among the many important aspects of Internet of things (IoT) security, live cameras are one of the most open to misuse. People have been video snooping, watching private cameras and doing other sketchy things around connected cameras for many years. […]

Application security, Security

School Cybersecurity: How Awareness Training Removes Attackers’ Options

June 2, 2021

Via: Security Intelligence

Keeping student data safe and maintaining information security in education are part of living in today’s world for educators. Why is it important to include data security in their work? Find an example of how to set up a school […]

Application security, Security

Application security not a priority for financial services institutions

May 28, 2021

Via: Help Net Security

Contrast Security announced the findings of a report based on a comprehensive survey of development, operations, and security professionals and executives at enterprise-level financial services institutions. The report explores the state of application security at these organizations, and the findings […]

Application security, Cloud security, Security

Supply Chain Attacks: How To Reduce Open-Source Vulnerabilities

May 25, 2021

Via: Security Intelligence

When you read that software supply chain attacks increased 42% in the first quarter of 2021 over Q4 2020, you might think the cybersecurity problem was related to the traditional supply chain. Many people think of a supply chain as […]

Application security, Security

How API attacks work, and how to identify and prevent them

May 21, 2021

Via: CSO Online

In early May, fitness company Peloton announced that it had exposed customer account data on the internet. Anyone could access users’ account data from Peloton’s servers, even if the users set their account profiles as private. The cause: a faulty […]

Application security, Privacy protection, Security

Apple Removed 95,000 Fraudulent Applications From App Store in 2020

May 12, 2021

Via: Security Week

The company’s App Review team last year rejected roughly 200,000 applications that either contained hidden features or which were found to be spam, copycats, or attempting to trick users into making purchases. An additional 95,000 apps were removed for violating […]

Application security, Security

PCI SSC publishes PCI Secure Software Standard 1.1 and supporting program documentation

May 3, 2021

Via: Help Net Security

Version 1.1 of the PCI Secure Software Standard introduces the Terminal Software Module, a new security requirements module for payment software intended for deployment and operation on PCI-approved PIN Transaction Security (PTS) Point-of-Interaction (POI) devices. Software intended for deployment and […]