Internal code imperfections have led to cross-site scripting (XSS) and SQL injections, with 68 percent of web apps surveyed vulnerable, according to application security company Netsparker.
The Yale Home System (Europe) Android application is vulnerable to a man-in-the-middle attack due to TLS errors.
SC sat down with Veracode's Chris Eng to talk about securing the internet of things and the future of cyber-regulation.
It's impossible to know how your latest IoT-enabled device is going to be used by the purchaser, so make sure that security is designed into your products from the beginning, says Paddy Srinivasan.
Moderately-paced economic growth and relative decoupling from the fiscal commotions in Europe have improved the direction for enterprise IT in the UK.
Persistent attacks have become a state of permanent attack for some organisations, according to a new report.
The Institute of Electrical and Electronics Engineers (IEEE) has formed a new advisory group with the private sector, and is already advising software developers to ensure that their applications are secure.
A new and potentially serious flaw has been discovered in all Android devices, from version 2.1 upwards. The flaw, dubbed 'Fake ID' by BlueBox Labs, allows malware to impersonate trusted applications.
What are the risks posed by apps and hardware that cross the business/home divide? Dr Guy Bunker asks what policies and security approaches are required.
Researchers have spotted new attack vectors being used to exfiltrate company online banking credentials.
"Apple has an opportunity here to show us how it does security well and I hope they step up their game because the cybercriminals are out-innovating everyone on a daily basis," - Tim Keanini, Lancope CTO
This week's In Case You Missed It column looks at the state of anti-virus, ransomware going mobile and the EU's upcoming Data Protection Regulation.
New poll shows 94 percent of IT security professionals use third-party apps on their mobile devices, making it harder for IT to track and manage.
This week's In Case You Missed It column looks at Vladimir Putin's Internet views, bigger and badder DDoS attacks, and further reaction to OpenSSL and Heartbleed.
Mobile banking transactions may be on the rise, but banks may face an uphill struggle to keep them secure from cyber-criminals.
"This highlights the fine line between acceptable and unacceptable usage of your information," says Nigel Stanley, CEO of Incoming Thought.
A new report from F-Secure reveals that most companies lack the resources to update legacy applications, with this potentially being a serious security risk.
Surprising new research reveals that iPhone apps are 'more risky than Android' and also details that 90 percent of all top apps are under threat too.
Organisations are being "severely hampered" in the key area of applications security because of skills shortages, according to new research from the independent SANS Institute.
Tens of thousands of smartphone users have been hit by a new class of botnet that illicitly gathers information.
The Information Commissioner's Office (ICO) has warned developers that protecting app data is of paramount importance.
Hackers are increasingly targeting paid-for and iOS apps, according to a new study.
McAfee CTO Raj Samani advises companies to secure the business data before the device being used to access the information.
Attending a recent social event, I was able to get together with some major names from IT giant HP.
Modern attackers, by necessity, have become highly adaptable and customised to avoid traditional security, producing threats that are more sophisticated than ever.
The attack on Evernote that was reported last weekend could be deemed to be a new stage in the battle of man v password.
A survey of popular applications has revealed that most have SQL flaws, store sensitive details in an unencrypted format and have fragile backends.
On the first morning of the annual RSA Conference in San Francisco, I met with a company whose story began almost exactly a year ago.