Laura Paine is a senior product marketing manager at Veracode, based in Burlington, MA.
- Capital One Benefits From Responsible Disclosure Program Following Massive Data Breach
This blog post was updated on August 1, 2019 to include additional details uncovered as a result of the ongoing investigation associated with the Capital One data breach. Capital One’s data breach may be one for the record books, impacting as many as 106 million U.S. and Canadian credit applicants dating back to as early as 2005. While it’s natural to want to draw parallels to the 2017 Equifax… READ MORE
Stay up to date on Application Security
On Wednesday, Louisiana Governor John Bel Edwards declared a state of emergency following a series of cyberattacks impacting the computer and phone systems of several of the state’s school districts. The declaration, which will remain in place for the entire state until Aug. 21, is out of concern that the attacks could spread to affect other organizations in local and state government. According… READ MORE
The Information Commissioner’s Office (ICO) has handed British Airways what it claims is the biggest penalty – and the first to be made public under new rules – since the General Data Protection Regulation (GDPR) came into play last year. According to the ICO, 500,000 customers had their personal information compromised during the 2018 breach, and the airline needs to pay up – to the tune of £183… READ MORE
According to a new research report from Information Security Forum (ISF), only 32 percent of its membership is satisfied with their security assurance program – though 80 percent say that they want to take a more business-focused approach to security. Given the ever-evolving threat landscape, security leaders understand that they always need their finger on the pulse of how secure their… READ MORE
Most legacy applications were not developed with security in mind. However, modern businesses and organizations are continuing to undergo digital transformation in order to pursue new business models and revenue channels, as well as giving their customers or constituents a simplified experience. This often means selecting cloud-based tools and solutions that allow for the scalability necessary to… READ MORE
The State of Software Security Volume 9 (SOSS Vol. 9) found that the healthcare industry, with its stringent regulations, received relatively high marks in many of the standard AppSec metrics. According to Veracode scan data, healthcare organizations ranked highest of all industries on OWASP pass rate on latest scan, coming in with a rate just over 55 percent. Our flaw persistence analysis shows… READ MORE
Quest Diagnostics has reported that nearly 12 million patients’ may have been impacted by a breach into American Medical Collection Agency (AMCA), the medical testing company’s third-party billing provider. According to a data breach filing with the Security and Exchange Commission, as many as 11.9 million patients may have had their credit card, banking, medical information, and other personal… READ MORE
On Monday, The Financial Times reported that attackers have been exploiting a buffer overflow vulnerability in the popular messaging service WhatsApp. The vulnerability has been fixed, and updates were released on Friday. WhatsApp, owned by Facebook, is urging both iPhone and Android users to update the app as soon as possible. Veracode’s State of Software Security Volume 9 found that buffer… READ MORE
According to the 2019 Verizon Data Breach Investigations Report, there was a noticeable shift toward financially motivated crime (80 percent), with 35 percent of all breaches occurring as a result of human error, and approximately one quarter of breaches occurring through web application attacks. These attacks were mostly attributable to the use of stolen credentials used to access cloud-based… READ MORE
- Learning From the Vodafone-Huawei Backdoor Scandal
Yesterday, Bloomberg reported that Vodafone uncovered hidden backdoors in Huawei equipment used for the carrier’s Italian business, which could have given Huawei unauthorized access to Italian homes and businesses. The alleged backdoors were found in 2011 and 2012, and Vodafone told Bloomberg that the issues were resolved at the time. However, the BBC published a piece this morning in which… READ MORE
Application Security Tool Kit
Love to learn about Application Security?
Get all the latest news, tips and articles delivered right to your inbox.
No thanks, back to the article please.