API vulnerabilities are the sleeping giant of our technology-led world. The threats posed by an exposed API are significant, yet they remain the most overlooked threat to information security today, says Jason Macy.
Patching and application control should be first on the list to strengthen your organisation against attack, but take a strategic approach, and don't just patch for the latest WannaCry, but for the next big attack too, says Amber Boehm.
Colin Domoney discusses how to build a successful application security team based on his own experiences.
Internal code imperfections have led to cross-site scripting (XSS) and SQL injections, with 68 percent of web apps surveyed vulnerable, according to application security company Netsparker.
The Yale Home System (Europe) Android application is vulnerable to a man-in-the-middle attack due to TLS errors.
SC sat down with Veracode's Chris Eng to talk about securing the internet of things and the future of cyber-regulation.
It's impossible to know how your latest IoT-enabled device is going to be used by the purchaser, so make sure that security is designed into your products from the beginning, says Paddy Srinivasan.
Moderately-paced economic growth and relative decoupling from the fiscal commotions in Europe have improved the direction for enterprise IT in the UK.
Persistent attacks have become a state of permanent attack for some organisations, according to a new report.
The Institute of Electrical and Electronics Engineers (IEEE) has formed a new advisory group with the private sector, and is already advising software developers to ensure that their applications are secure.
A new and potentially serious flaw has been discovered in all Android devices, from version 2.1 upwards. The flaw, dubbed 'Fake ID' by BlueBox Labs, allows malware to impersonate trusted applications.
What are the risks posed by apps and hardware that cross the business/home divide? Dr Guy Bunker asks what policies and security approaches are required.
Researchers have spotted new attack vectors being used to exfiltrate company online banking credentials.
"Apple has an opportunity here to show us how it does security well and I hope they step up their game because the cybercriminals are out-innovating everyone on a daily basis," - Tim Keanini, Lancope CTO
This week's In Case You Missed It column looks at the state of anti-virus, ransomware going mobile and the EU's upcoming Data Protection Regulation.
New poll shows 94 percent of IT security professionals use third-party apps on their mobile devices, making it harder for IT to track and manage.
This week's In Case You Missed It column looks at Vladimir Putin's Internet views, bigger and badder DDoS attacks, and further reaction to OpenSSL and Heartbleed.
Mobile banking transactions may be on the rise, but banks may face an uphill struggle to keep them secure from cyber-criminals.
"This highlights the fine line between acceptable and unacceptable usage of your information," says Nigel Stanley, CEO of Incoming Thought.
A new report from F-Secure reveals that most companies lack the resources to update legacy applications, with this potentially being a serious security risk.
Surprising new research reveals that iPhone apps are 'more risky than Android' and also details that 90 percent of all top apps are under threat too.
Organisations are being "severely hampered" in the key area of applications security because of skills shortages, according to new research from the independent SANS Institute.
Tens of thousands of smartphone users have been hit by a new class of botnet that illicitly gathers information.
The Information Commissioner's Office (ICO) has warned developers that protecting app data is of paramount importance.
Hackers are increasingly targeting paid-for and iOS apps, according to a new study.
McAfee CTO Raj Samani advises companies to secure the business data before the device being used to access the information.
Attending a recent social event, I was able to get together with some major names from IT giant HP.
Modern attackers, by necessity, have become highly adaptable and customised to avoid traditional security, producing threats that are more sophisticated than ever.