Blog Posts Tagged with "Application Security"
Monitoring Site Traffic for Fraud Prevention
January 25, 2011 Added by:Richard Stiennon
Although deploying web application firewalls from Imperva or AppSec Inc. is the best way to defend against these attacks, more sophisticated attacks may take advantage of yet undiscovered vulnerabilities or use the very structure of the site to engage in fraudulent practices, often as authenticated users...
Comments (0)
Why Application Security Programs Fail
January 23, 2011 Added by:Rafal Los
Having clearly-defined and attainable goals of your Software Security Assurance program is more important than almost anything else. While there are many subtleties to building goals in any organization, without them being clearly defined and reachable you cannot expect anything else but failure...
Comments (0)
Credit Card Security in the Cloud
January 21, 2011 Added by:Danny Lieberman
Obviously, the standard was written by system administrators and not programmers because the notion of inter-process communications is ignored. Once we are running online transaction applications in the cloud, the notion of public networks becomes an antiquated given...
Comments (1)
Facebook Faux Paux Reveals Private Data
January 18, 2011 Added by:Headlines
The pop-up now includes a request for permission to access the user's address and cell phone number. The change is subtle enough that most Facebook users are apt to allow the application to access this data without even noticing...
Comments (0)
Cybersecurity's 'Perfect Storm' Made Landfall
January 17, 2011 Added by:Headlines
Security expert Mandeep Khera warned that the next decade would see an escalation in cybercrime and the use of cyberwarfare tactics. In light of the rise of the Stuxnet, the Zeus Trojan and the shifting strategies employed by online criminals, Khera's predictions are worth a revisit...
Comments (0)
McAfee's Top Targets for Emerging Threats in 2011
January 17, 2011 Added by:Robert Siciliano
This is McAfee Labs list comprises 2010′s most buzzed about platforms and services, all of which are expected to be major targets for cybercriminals in the coming year...
Comments (2)
Why Rich Web 2.0 May Break the Cloud
January 12, 2011 Added by:Danny Lieberman
In the Cloud of rich Web 2.0 application services, we are not in Kansas anymore. There is a very very good reason to be worried. With all the expertise of cloud security providers – the Web 2.0 service they provide is only as secure as the application software itself...
Comments (0)
Vulnerabilities - Who REALLY Cares?
January 08, 2011 Added by:Rafal Los
As we close out another year, and look back at all the data breaches that were enabled through the hundreds of thousands of helpfully vulnerable web applications -it's time to once again ask how we can prevent this in 2011...
Comments (1)
A Facebook Security Lockdown Guide
January 03, 2011 Added by:Headlines
Whittaker warns that if this is your first attempt at securing your profile, there is a chance that the damage has already been done. Nonetheless, taking a few minutes of your time to implement guide's recommendations could save you many hours of heartache down the road...
Comments (0)
2010 - A Quick Look Back to Look Forward
December 29, 2010 Added by:Rafal Los
So looking back on 2010 and where our footprints in the sand have led us to so far, I can't help but feel like we've been walking around in circles, talking about the same security issues over and over again but only changing up the words to make it look more appealing and calling it new...
Comments (0)
Top Eight Security Threats for 2011
December 28, 2010 Added by:Headlines
McAfee Labs threat research Vice President Dmitri Alperovitch has outlined his top eight picks for the security threats to be aware of over the next year. "We are seeing an escalating threat landscape in 2011," said Alperovitch...
Comments (0)
E-Readers May Be Tracking More Than You Know
December 17, 2010 Added by:Headlines
The devices may also be transmitting information such as the speed at which a user reads material, which pages were accessed, and more importantly where the user was at the time they read the material via geo-location capabilities...
Comments (1)
Why There Are No More Internal Applications
December 15, 2010 Added by:Rafal Los
That architects would score internal applications as low-risk automatically on the basis of being accessible only by people inside the corporate firewall made real security purists cry. But now there is a good chance these highly publicized developments may change hearts and minds...
Comments (1)
Cross-Site Scripting and Criminal Hacks
December 14, 2010 Added by:Robert Siciliano
JavaScript is everywhere, making the Internet pretty and most websites user friendly. Unfortunately, hackers have learned to manipulate this ubiquitous technology. Java can be used to launch a cross-site scripting attack, leveraging a vulnerability found in applications that incorporate Java...
Comments (1)
The Anatomy of a Breach
December 13, 2010 Added by:PCI Guru
Wal-Mart has a robust control environment. However, what this breach shows is that even with such an environment, a breach can still occur. That is not to say that Wal-Mart did not make mistakes and it is those mistakes that I want to point out so that we can all learn...
Comments (0)
Security Strategy: From Requirements to Reality
December 13, 2010 Added by:Ben Rothke
Without a deeply embedded structured approach to security systems design, Anderson argued that we find ourselves in the situation we are in today, with applications and operating systems full of bugs, vulnerabilities and other serious security flaws...
Comments (0)
- BYOD: Should It Be the Wave of the Future?
- Trend Micro Discovers "SafeNet" - a New Targeted Espionage Operation Online
- Managing My Company’s Security is a Nightmare
- Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way
- The Evolution of Industrial Control System Information Sharing
- ATM Security (And Really Learning from the Past)
- Complimentary IT Security Resources [May 13, 2013]
- Steps Toward Weaponizing the Android Platform
- Mobile Security Processes Could Be Applied to Medical Devices: Bluebox
- The Emperor Is Naked!