Security News

Check in here for all the late-breaking AppSec news, including details about new vulnerabilities and recent breaches.

Verizon’s 2016 Data Breach Investigations Report Demonstrates Traditional Approaches to AppSec Aren’t Working

By Jessica Lavery May 5, 2016  | Security News

It has taken me a few days to wade through all the data and information in this year’s Verizon Data Breach Investigations Report, but I’ve finally found the time to read it all the way to the end. As always, the report is full of interesting statistics about breach and incident trends. While each section of the report offered valuable insights and information, I found the section on... READ MORE

Examining Dark Territory With Fred Kaplan

By Jessica Lavery May 4, 2016  | Security News

On Tuesday night at RSA, Veracode held a book launch of Fred Kaplan’s Dark Territory: The Secret History of Cyber War. Kaplan was on site to sign copies of his book and to discuss the history of cyber war. That’s right, history, not future, of cyber war. Dark Territory looks back at the history of cyber war. Opening with a story from the Reagan administration, the book then examines... READ MORE

This Week's AppSec News Roundup

By Eric Seymour April 29, 2016  | Security News

Our weekly application security news roundup for April 25 to April 29 2016 features the 2016 Verizon report on data breaches, details on the Bangladesh Central Bank breach and a breach at Qatar’s largest bank. Read on for details on the following headlines: Verizon releases its annual data breach report, How Bangladesh Central Bank was hacked, IoT security growing, Breach at Qatar... READ MORE

Peripheral Security Issues Today Are Anything But Peripheral

By Evan Schuman April 25, 2016  | Security News

Last week, Microsoft issued an optional security alert relating to peripherals and specifically mice. Until the patch is implemented, Microsoft said, the peripheral could receive plain English—aka QWERTY—key packets in keystroke communications issued from receiving USB wireless dongles to the RP addresses of wireless mouse devices. This is a fine way for cyberthieves to hijack... READ MORE

My View of the Evolving Threat Landscape

By Sue Poremba April 19, 2016  | Security News

One of the most difficult challenges in cybersecurity – perhaps the most difficult challenge, depending on who you talk to – is how quickly the threat landscape changes and shifts. It seems as if no sooner is one set of security protocols in place, new regulations and compliances are required or the attack vector changes. It’s no wonder that so many companies struggle with... READ MORE

This Week's AppSec News Roundup

By Eric Seymour April 16, 2016  | Security News

Our weekly application security news roundup for April 11 to April 15 2016 features commentary on Badlock, ransomware trends and a new Internet security threat report. Read on for details on the following headlines: Badlock vulnerability is not critical, Two major insurers enter cyber insurance arena, Symantec issues Internet security threat report, A new type of ransomware emerges, The U.S.... READ MORE

Badlock Is A Serious Hole, But How It Was Preannounced Is A Disgrace

By Evan Schuman April 14, 2016  | Security News

There is something unnerving—and even a tad repugnant—about announcing that there's a massive security hole and that it won't be patched for weeks. Welcome to Badlock. What possible legitimate security goal is advanced by this publicity stunt? The bug, which marketers for Samba dubbed Badlock, is extremely serious and potentially disruptive, which is what makes the... READ MORE

This Week's AppSec News Roundup

By Eric Seymour April 1, 2016  | Security News

Our weekly application security news roundup for March 28 to April 1 2016 features “Google dorking,” another healthcare institution malware victim, new Android vulnerability, and details on Petya ransomware. Read on for details on the following headlines: Investigators suspect “Google dorking” in Iranian hackers’ attempt to attack a New York dam, Healthcare... READ MORE

Hospitals Are Security's Biggest Nightmare

By Evan Schuman March 31, 2016  | Security News

Cyberattacks on hospitals represent the true security nightmare scenario. It combines privacy risks far more severe than attacks on the largest banks or retailers with life-and-limb risks that rival remote takeovers of nuclear power plants and cars. An attacker could change the type and quantity of a prescribed drug, steal and sell intimate medical details and change test findings, which could... READ MORE

This Week's AppSec News Roundup

By Eric Seymour March 25, 2016  | Security News

Our weekly application security news roundup for March 21 to 25 2016 features Badlock, the security of hospitals and federal agencies, and a new Android vulnerability. Read on for details on the following headlines: The Badlock bug will be disclosed in April, Verizon’s breach division attacked, Federal agency security incidents are on the rise, New report shows federal agencies fall... READ MORE
