An audit of 1,000 open-source serverless applications carried out by serverless security company PureSec has revealed that 21 percent of such applications feature critical security vulnerabilities that can be exploited.
Security researchers have revealed an extremely complex cryptojacking attack dubbed RedisWannaMine. Researchers say RedisWannaMine is aimed at both database servers and application servers.
Despite a lack of appropriate visibility and control measures in place, cloud-based HR applications are now the most highly used cloud applications across organisations, with 139 such apps being used by organisations on average.
A cyber-criminal managed to infiltrate the Mac app download site MacUpdate and install maliciously copies of the Firefox, OnyX, and Deeper applications that were in fact cryptocurrency miners.
Enterprises are developing and using enterprise applications on a large scale for various purposes, but a lack of encryption, coupled with serious security flaws in such applications, is also rendering enterprises vulnerable.
A quirky bug in Apple's Messages application is allowing a malicious GitHub link to cause crashes and other bothersome behaviour on both macOS and iOS machines.
AI driven applications rely on machine learning to make decisions but they cannot yet think for themselves though that is coming. Neural networks and expert systems may be inspired by the human brain, but there is little comparison.
A newly discovered mobile adware program called LightsOut was recently observed in 22 fake Android flashlight and utility applications, reportedly prompting their removal from the Google Play Store.
API vulnerabilities are the sleeping giant of our technology-led world. The threats posed by an exposed API are significant, yet, they remain the most overlooked threat to information security today says Jason Macy
The Institute of Electrical and Electronics Engineers (IEEE) has formed a new advisory group with the private sector, and is already advising software developers to ensure that their applications are secure.
First step, identify jailbroken devices on your network, says Vince Arneja, then alter data processing and execution modes to protect your data.
Researchers have spotted new attack vectors being used to exfiltrate company online banking credentials.
Kaspersky Lab UK has spotted an increase in the number of fake anti-virus apps appearing in mobile app stores, with two recent programs imitating the firm's own products.
As another week in information security zips by, we look at the top stories in our weekly In Case You Missed It (ICYMI) column.
Chart-topping paid-for Android security app does absolutely nothing
"This highlights the fine line between acceptable and unacceptable usage of your information" says Nigel Stanley, CEO of Incoming Thought.
A new report from F-Secure reveals that most companies lack the resources to update legacy applications, with this potentially being a serious security risk.
A new class of security vulnerability that is "highly suspected" to affect all of the almost one billion Android devices in existence has been discovered by a research team from Indiana University and Microsoft.
Popular messaging service WhatsApp is facing up to another PR disaster after a security researcher found that others could access private chats through downloaded Android apps.
Boosting an iPhone app into the top five of Apple's China app store costs around £5,800 says Trend Micro, while 10,000 android downloads cost £3.90.
Security stress testing needs to happen at the development stage says Grayson Milbourne, Director of Security Intelligence at Webroot, who looks at the lessons learned from Snapchat
Facebook's updated Android application is under fire with the latest iteration requiring user permission to read SMS messages.
The tech giant removed browser extensions from its Chrome store after finding that both hosted malware serving up intrusive ads.
Secure messaging app provider Wickr has joined the top echelon of software developers by launching a bug bounty programme that offers up to US $100,000 for hackers who can find flaws in its software.
The Information Commissioner's Office (ICO) has warned developers that protecting app data is of paramount importance.
Many more personal mobile devices will arrive in the office after Chrismas, so sort out your security policies now advises Leon Ward.
Vendors are often releasing patches months after vulnerabilities are discovered, leaving businesses open to attack, experts have warned.
Hackers are increasingly targeting paid-for and iOS apps, according to a new study.
Fresh from Twitter implementing two-factor authentication last week, accounts for ITV news and Sky were hacked over the weekend.
SaaSID has launched the second version of its cloud application manager to offer a unified format for managing user's authentication credentials.