Items Tagged with "Application Security"


69dafe8b58066478aea48f3d0f384820

Researchers Unveil Advanced Malware Detection Method

June 29, 2012 Added by:Headlines

Unlike traditional malware detection tools, RiskRanker does not rely on malware samples and signatures already identified. It is able to identify applications that exhibit signs of malicious code while they are still in the marketplace, before the malware is downloaded onto potential victim's mobile devices...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

KeePass Vulnerability Exposes Password Lists

June 28, 2012 Added by:Headlines

“The bug will be injected on the remote way, affects the local validation (html/xml) and change the technic back when remotely transferring the password lists. The injection of the malicious URL/domain context can be done via auto save of URLs (victim) or manually (reproduce)," the researchers stated...

Comments  (1)

68b48711426f3b082ab24e5746a66b36

Five Reasons Why You Need an Application Security Program

June 28, 2012 Added by:Fergal Glynn

Many organizations looking at application security for the first time struggle with why they should take a programmatic approach to tackling application security. The simple fact is that if someone wants your intellectual property, they are going to use software you bought, built or outsourced to get at it...

Comments  (0)

Af9c34417f8e5e0d240850bb353b5d40

In Secure Programming, the Documentation Matters Too

June 28, 2012 Added by:Keith Mendoza

Some will argue that using the documentation is a cop out; that it's more of a liability protection than "secure programming". I would argue that the documentation should be part of the "secure programming" practice because it makes it clear to everyone what they should expect from the application...

Comments  (0)

3e35900ae6facc6c146a85c435c71d82

Security and Privacy for Microsoft Office 2010 Users

June 27, 2012 Added by:Ben Rothke

Encryption, privacy, data protection, and macro security are but a few of the vital capabilities for anyone using Microsoft Office - or any office suite for that matter. Author Mitch Tulloch shows how to take control of the Microsoft Office 2010 experience and use the many security and privacy features...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

The Resilient Enterprise: Learning to Fail Part 2

June 25, 2012 Added by:Rafal Los

Failing with the support of a DevOps tribe can lead to a more resilient enterprise and ultimately better enterprise security. In the following few sections we're going to take a look at combining tools, processes and the tribe mentality to solve some otherwise ugly problems - and come out the other side...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

The Resilient Enterprise: Learning to Fail

June 22, 2012 Added by:Rafal Los

If the agile enterprise is to become a reality, not just something we talk about and write books about, then it needs to be a core ideal, served by every technical and non-technical function and products and services to enable that core ideal. The road to the agile enterprise starts with an awakening to DevOps...

Comments  (0)

68b48711426f3b082ab24e5746a66b36

Static Analysis: Hopper’s Decompiler Feature

June 22, 2012 Added by:Fergal Glynn

After reading this tutorial, hopefully binaries will appear less inscrutable and magical, and you will understand why reverse engineers laugh in the face of programmers who think no one will understand their awesome secret algorithm without the source code. Don’t count on “but it’s compiled” as a security feature...

Comments  (0)

B64e021126c832bb29ec9fa988155eaf

The Five Most Important Reasons to Perform Network Auditing

June 21, 2012 Added by:Dan Dieterle

Network auditing may sound like an arduous task but, with the right tools and the right approach, it can be an easy to perform and critical aspect of your network management. If you are not yet performing regular network auditing, use these five important reasons to convince management it’s time to start...

Comments  (1)

69dafe8b58066478aea48f3d0f384820

ZitMo Trojan Lurks in Android Security Suite Premium App

June 19, 2012 Added by:Headlines

"One of the remote server domains was registered using the same fake data which was used for registering ZeuS C&Cs back in 2011. And the malware’s functionality is almost the same as in old ZitMo samples. Therefore ‘Android Security Suite Premium’ = New ZitMo"...

Comments  (0)

759c37c6aff04cd46262f93652b5fad5

SecureState Contributes to the SQLMap Project

June 18, 2012 Added by:Spencer McIntyre

Custom-coded applications make SQLi very difficult to exploit in an automated fashion, and most of detection tools are particularly effective against only a few select Database Management Systems (DBMSes). However, the open source SQLMap tool is capable of exploiting a variety of DBMSes....

Comments  (0)

7ddc1f3000a13e4dfec28074e9e7b658

No Copyrights on APIs: Judge Defends Interoperability and Innovation

June 18, 2012 Added by:Electronic Frontier Foundation

Judge Alsup, a coder himself, got it right when he wrote that “copyright law does not confer ownership over any and all ways to implement a function or specification of any and all methods used in the Java API.” It's a pleasure to see a judge so fundamentally understand the technology at issue...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Software Security is a Business Problem

June 14, 2012 Added by:Rafal Los

Information Security hasn't figured out how to actually approach the problem of insecure code. Security is still largely seen as the "not my problem" problem. It's not that developers have singled out security as something they want to ignore - it's that they've got too many other things to worry about...

Comments  (0)

E313765e3bec84b2852c1c758f7244b6

Thirteen Tips to Secure Your Virtual Machine Environment

June 14, 2012 Added by:Brent Huston

Virtual environments are becoming more popular, enabling multiple OS environments and providing disaster recovery solutions. Safeguarding your virtual environment is vital, though it doesn’t have the same issues as a physical environment. Here are a few tips to keep things running smoothly...

Comments  (0)

03b2ceb73723f8b53cd533e4fba898ee

LulzSec Reborn vs Twitter and OAuth Security Issues

June 13, 2012 Added by:Pierluigi Paganini

The third-party authentication process implements the open standard for authorization, or OAuth, that allows users to share private resources stored on one site with another. The hack raises a serious question regarding the security level ensured by third-party authentication processes...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

The Path to NoOps is Through the Cloud

June 12, 2012 Added by:Rafal Los

So what is the single most valuable piece of technology that can push a development closer towards a NoOps methodology? I believe it's the adoption of cloud computing. While many of the security folks who read this blog are probably shaking their heads right about now, read on and let me convince you...

Comments  (0)

Page « < 3 - 4 - 5 - 6 - 7 > »