Web App Security

Fa42af438e58b799189dd26386f5870f

DigitalOcean Launches Public Bug Bounty Program

February 17, 2017 Added by:Ionut Arghire

Cloud computing platform DigitalOcean announced the public availability of its bug bounty program, after successfully running it in private mode.

Comments  (0)

Fa053a3185c9b7154992fb4bffe11e76

FriendFinder Breach Highlights the Need for Better Practice in Password Security

January 31, 2017 Added by:Donato Capitella

The FriendFinder Network breach is a perfect example of how poor password storage can exacerbate the impact of a breach and expose accounts to further exploitation.

Comments  (0)

C66e591693fd6e7b26fc5a60efb68817

Alan Turing, Undecidable Problems, and Malware

January 23, 2017 Added by:Kenneth Geers

In order to keep workers happy and productivity high, sometimes you have to run untrusted code. But that code should be run in quarantine, where it cannot damage your IT infrastructure.

Comments  (0)

18d2ccc39431a1f63d67dd3252263400

The Hidden Security Risks of Cloud APIs

December 02, 2016 Added by:Sam Rehman

With the inherent security flaws taken care of, cloud software can take full advantage of the benefits of APIs without exposing themselves or their clients to attack.

Comments  (0)

591c39c65cf5c298ccd0f1cd5818e961

Differential Privacy vs. End-to-end Encryption – It’s Privacy vs. Privacy!

October 12, 2016 Added by:Vanishree Rao

While differential privacy is a promising tool, implementing and deploying it while retaining the privacy of end-to-end encryption is challenging.

Comments  (0)

3dd71538193c3acd65ec65f95a45ac0b

What Is ID and Verification and Why Is It Such an Integral Part of Digital Life?

September 23, 2016 Added by:David Poole

ID&V is part of our lives and while there might be complaints about the inconvenience that obtrusive security plays in digital commerce, it is still an improvement on how things used to be.

Comments  (0)

0133c663c244df033c2eeb2248dfee32

What Elements Are Needed for Security Analytics Success?

August 23, 2016 Added by:Mike Paquette

Not all security analytics solutions are created equal. There are five key characteristics critically important to ensuring that your security analytics are effective and capable of stopping today’s advanced threats.

Comments  (0)

459a952dc77e8d9757246964dee7fd18

Pragmatic Steps to Manage File Data Leakage Risks

August 18, 2016 Added by:Scott Gordon

Next generation F-DRM solutions offer an effective and flexible technical control that can be applied today to reduce file data leakage risks across different infrastructure, collaboration methods, user types and business requirements.

Comments  (0)

7d55c20d433dd60022642d3ab77b8efb

SAP Cyber Threat Intelligence Report – August 2016

August 11, 2016 Added by:Alexander Polyakov

SAP has released the monthly critical patch update for August 2016. This patch update closes 30 vulnerabilities in SAP products including 26 SAP Security Patch Day Notes and 4 Support Package Notes.

Comments  (0)

Bff69da3ab11dd09027195fd431c4b09

Exploit Kits: Infiltrating the Ad Industry with Traditional Tactics

August 11, 2016 Added by:Karl Sigler

Exploit kits are increasingly using the evil twin of an advertisement, a malvertisement, as a gateway to a web browser.

Comments  (0)

Ad62dd51cf8a9e3d667bcdd92d493ccc

One Encryption Backdoor Is One Too Many

August 11, 2016 Added by:Joe Levy

Although the FBI no longer needs to force Apple to unlock an iPhone that belonged to one of the San Bernardino terrorists, the debate must continue. Strong encryption that cannot be exploited by external or internal actors is a must for any organization.

Comments  (0)

Fa42af438e58b799189dd26386f5870f

PayPal Fixes CSRF Bug in PayPal.me Website

August 01, 2016 Added by:Ionut Arghire

PayPal recently resolved a cross-site request forgery (CSRF) vulnerability affecting the PayPal.me website, which could have allowed an attacker to change a user’s PayPal profile picture.

Comments  (0)

0133c663c244df033c2eeb2248dfee32

Fighting Alert Fatigue

July 06, 2016 Added by:Mike Paquette

By augmenting their efforts with behavioral analytics and machine learning, teams can be sure they reduce alert noise and fatigue while quickly identifying and addressing the issues that actually matter before they hurt their customers or the bottom line.

Comments  (0)

591c39c65cf5c298ccd0f1cd5818e961

Cloud Security Can’t Be Ignored Anymore, Thanks to Millennials

May 09, 2016 Added by:Vanishree Rao

Thanks to digital preferences of millennials, increased digitization and cloudification will drive the demand for cloud security products and services.

Comments  (0)

Fa42af438e58b799189dd26386f5870f

Steam Patches Crypto Code to Prevent Padding Oracle Attacks

May 03, 2016 Added by:Ionut Arghire

Steam recently patched security vulnerabilities in its system to prevent attackers from tapping into the data transmitted between a local client and the Steam network to view plain-text passwords or take over accounts.

Comments  (0)

591c39c65cf5c298ccd0f1cd5818e961

End-to-end Encryption, Today -- Loophole Closed or Moved?

April 22, 2016 Added by:Vanishree Rao

End-to-end encryption does not solve the problem, despite the common perception that it is the holy grail of instant-messaging security. It is necessary that service providers shift their attention toward non-traditional key-derivation mechanisms to close the loophole.

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »