Security News

Check in here for all the late-breaking AppSec news, including details about new vulnerabilities and recent breaches.

How to Get Developers and Security to Win-Win This Cyber Security Awareness Month

jzorabedian's picture
By John Zorabedian October 5, 2016  | Security News

October is National Cyber Security Awareness Month (NCSAM), a commendable public-private initiative focused on training businesses and users in practicing better digital hygiene. If there’s one drawback to awareness programs like NCSAM, it’s the potential for awareness to spike in the short-term and fall off in the long-term. Without follow-up training and continuous learning,... READ MORE

How Soon Will We See the First Billion-Dollar Security Vulnerability?

jzorabedian's picture
By John Zorabedian October 3, 2016  | Security News
Billion dollar security breach.

In a shocking announcement last month, Yahoo confirmed that data on 500 million user accounts was compromised in 2014, the largest data breach in history. Could it also become the most expensive?" Yahoo is in the final phases of a deal with Verizon to sell itself to the telecom giant for a mind-boggling sum of $4.8 billion. The breach bombshell can’t have gone over well in Verizon... READ MORE

Why Apple Won't Ever House A Security Backdoor

eschuman's picture
By Evan Schuman October 3, 2016  | Security News
Apple and software backdoors.

Much has been written about Apple's official stance against giving law enforcement an encryption backdoors into its customers' files. And Apple's firm position against a backdoor has been painted as a marketing decision, as it gives people a really good reason to buy Apple devices instead of Android or something else. On top of that reality is the argument that a backdoor isn't... READ MORE

Podcast: Cyberwar and Voter Fraud

jlavery's picture
By Jessica Lavery September 30, 2016  | Security News
Voter Fraud by Hacking is Possible

Can it really happen? The Hollywoodesque version of cyber voter fraud would go like this – an enemy nation state would support the candidate they felt best represents their interest. This government would possibly find ways to infuse money into the candidate’s campaign. Not content with simply influencing the election with illegal campaign funds and propaganda, the nation state would... READ MORE

The Push to Replace Passwords

sporemba's picture
By Sue Poremba September 25, 2016  | Security News 3
Is password security weakening?

At Black Hat 2016, Thycotic conducted a survey of both self-identified white hat and black hat hackers. In part, the survey found that more than 75 percent of respondents believe no password is safe from hackers or the government, and nearly half said they would be willing to hack your password for a fee if asked by the FBI. It’s yet another bad rap on passwords, which have been the... READ MORE

Security's Weak Communications Skills Can Undermine Safety

eschuman's picture
By Evan Schuman September 23, 2016  | Security News
Communication takes effort and time, poor communication will hinder results!

It's hardly a revelation that hardcore security veterans are not at the pinnacle of clear communication. And the more technical the talent, in general, the weaker the communication. For most in IT and almost everyone in corporate outside of IT, this is generally dismissed as a fact-of-life. But I've recently started to wonder if this isn't a bigger problem and one that can undermine... READ MORE

Could How A Shopper Types Be The Best Authentication?

eschuman's picture
By Evan Schuman September 20, 2016  | Security News

It's not what you say, but how you say it. That piece of advice, which has given to countless politicians and executives over the decades, might be the premise behind an intriguing knew approach to biometric authentication. Although to be precise, it's closer to "It's not what you type, but how you type it." The value of any authentication system is based on a balancing act... READ MORE

Why Age Verification Needs To Be A Key Part Of Your Security Strategy

eschuman's picture
By Evan Schuman September 8, 2016  | Security News
Age verification is an important part of security planning.

Not only is e-commerce being radically changed due the mobilization of shoppers, but it's disproportionately happening with younger consumers. At the same time, law enforcement and government regulatory attention is being focused on age violations. And yet, the vast majority of companies have age-verification systems that provide almost no legal protections. Consider Facebook's recent age... READ MORE

Podcast: Cyberwar has a history not just a future

jlavery's picture
By Jessica Lavery September 6, 2016  | Security News
Learn the history of cyber war.

Cyberwar – the term conjures images of futuristic warriors battling for control of Earth ala the Terminator or the Matrix. But the truth is cyberwar is just as much a part of our national history as it is a potential future crisis. And as the old adage goes “ what has happened before will happen again”. The main difference between the cyberwar of the past and the one of today, or the future is... READ MORE

When Bug Bounties Are Counter-Productive

eschuman's picture
By Evan Schuman August 18, 2016  | Security News
The problems with bug bounty programs.

Crowdsourcing security holes—aka bug bounties—has become an increasingly-popular tech firm tactic, bordering on Silicon Valley standard-operating-procedure. But as tempting as such an approach is, it's not without serious drawbacks. What we're talking about is encouraging and incentivizing anyone and everyone to dig into your app/OS and beat up on it to try and find any... READ MORE

Love to learn about Application Security?

Get all the latest news, tips and articles delivered right to your inbox.




contact menu