Application Security

Constant attack a growing reality

Constant attack a growing reality

By

Persistant attacks have become a state of permanent attack for some organisations according to a new report.

IEEE looks to raise security standards among software developers

IEEE looks to raise security standards among software developers

By

The Institute of Electrical and Electronics Engineers (IEEE) has formed a new advisory group with the private sector, and is already advising software developers to ensure that their applications are secure.

Fake ID Android flaw allows apps to be impersonated

Fake ID Android flaw allows apps to be impersonated

By

A new and potentially serious flaw has been discovered in all Android devices, from version 2.1 upwards. The flaw, dubbed `Fake ID' by BlueBox Labs, allows malware to impersonate trusted applications.

Blurring the lines between business and home

Blurring the lines between business and home

What are the risks posed by apps and hardware that cross the business/home divide? Dr Guy Bunker asks what policies and security approaches are required?

Windows app privileges subverted

Windows app privileges subverted

By

Researchers have spotted new attack vectors being used to exfiltrate company online banking credentials.

Apple iOS8: more open, but is it secure?

Apple iOS8: more open, but is it secure?

By

"Apple has an opportunity here to show us how it does security well and I hope they step up their game because the cybercriminals are out-innovating everyone on a daily basis," - Tim Keanini, Lancope CTO

ICYMI: "Dead" anti-virus, mobile ransomware; more EU DPA problems

ICYMI: "Dead" anti-virus, mobile ransomware; more EU DPA problems

By

This week's In Case You Missed It column looks at the state of anti-virus, ransomware going mobile and the EU's upcoming Data Protection Regulation.

Islands of identity hard to track

New poll shows 94 percent of IT security professionals use third party apps on their mobile devices making it harder for IT to track and manage.

ICYMI: Putin's rage, DDoS attacks, and post-Heartbleed OpenSSL

ICYMI: Putin's rage, DDoS attacks, and post-Heartbleed OpenSSL

By

This week's In Case You Missed It column looks at Vladimir Putin's Internet views, bigger and badder DDoS attacks, and further reaction to OpenSSL and Heartbleed.

Researchers demo iOS banking app hack

Researchers demo iOS banking app hack

By

Mobile banking transactions may be on the rise, but banks may face an uphill struggle to keep them secure from cyber-criminals.

LinkedIn plug-in mines for user email addresses

LinkedIn plug-in mines for user email addresses

By

"This highlights the fine line between acceptable and unacceptable usage of your information" says Nigel Stanley, CEO of Incoming Thought.

Only 6 in 10 firms say their software is always up-to-date

Only 6 in 10 firms say their software is always up-to-date

By

A new report from F-Secure reveals that most companies lack the resources to update legacy applications, with this potentially being a serious security risk.

iPhone apps are 'more risky than Android'

iPhone apps are 'more risky than Android'

By

Surprising new research reveals that iPhone apps are 'more risky than Android' and also details that 90 percent of all top apps are under threat too.

App security 'severely hampered' by skills shortage

App security 'severely hampered' by skills shortage

By

Organisations are being "severely hampered" in the key area of applications security because of skills shortages, according to new research from the independent SANS Institute.

Thousands of smartphones infected with 'spy' malware

Thousands of smartphones infected with 'spy' malware

By

Tens of thousands of smartphone users have been hit by a new class of botnet that illicitly gathers information.

ICO warns software developers on data privacy

ICO warns software developers on data privacy

The Information Commissioner's Office (ICO) has warned developers that protecting app data is of paramount importance.

Cyber criminals cracking more paid-for and Apple apps than ever before

Cyber criminals cracking more paid-for and Apple apps than ever before

Hackers are increasingly targeting paid-for and iOS apps, according to a new study.

McAfee EMEA CTO: Protect the data first, then the device

McAfee EMEA CTO: Protect the data first, then the device

McAfee CTO Raj Samani advises companies to secure the business data before the device being used to access the information.

HP seeks secret sauce to fill the gaps

HP seeks secret sauce to fill the gaps

By

Attending a recent social event, I was able to get together with some major names from IT giant HP.

Fighting blind: The convergence of modern applications, SSL and advanced threats

Fighting blind: The convergence of modern applications, SSL and advanced threats

By

Modern attackers, by necessity, have become highly adaptable and customised to avoid traditional security, producing threats that are more sophisticated than ever.

Evernote - a story that has combined all security trends?

Evernote - a story that has combined all security trends?

By

The attack on Evernote that was reported last weekend could be deemed to be a new stage in the battle of man v password.

Research reveals reality of mobile application flaws

Research reveals reality of mobile application flaws

By

A survey of popular applications has revealed that most have SQL flaws, store sensitive details in an unencrypted format and have fragile backends.

Appthority on mobile risk management

Appthority on mobile risk management

By

On the first morning of the annual RSA Conference in San Francisco, I met with a company whose story began almost exactly a year ago.

(ISC)² report highlights skills shortages in a healthy sector

By

Despite information security being a stable and growing profession with many career opportunities, the skills shortage is biting businesses hard.

Windows XP applications slowly cause fear for businesses

Windows XP applications slowly cause fear for businesses

By

Enterprises could be left with vulnerable applications due to system migrations, specifically those that are written to work within the Windows XP operating system.

AirWatch offers app wrapping as part of application management launch

By

AirWatch has announced the launch of an 'app wrapping engine' to add security features to internal apps without writing any additional source code.

Dell SecureWorks adds cloud-based vulnerability management and web application scanning services

By

Dell SecureWorks has introduced vulnerability management and web application scanning services for the cloud.

Externally developed applications fail compliance tests and do not comply with standards

By

Around two-thirds of mission-critical applications are developed externally and are not compliant with industry standards.

Survey: CISOs worried about insiders, data breaches

By

Eighty per cent of CISOs believe their company's own employees and contractors are the greatest threat to company data, according to a new study conducted by security vendor NetWitness and audit-and-information-security training company MIS Training Institute.

Sign up to our newsletters