Security News


Adobe Flash Security Vulnerability Currently Being Targeted by Attackers

Attack campaigns are currently being waged against the latest Adobe Flash security hole, the company announced on Monday.

Flaw Found in WPA2 Wireless Networking Security Protocol

WPA2, the gold-standard protocol for protecting Wi-Fi networks, has been found to have a serious security vulnerability.

GitHub Intros Dependency Graphs, Security Alerts Coming Soon

GitHub is boosting the security capabilities of its software development platform, introducing new open source project dependency graphs and promising alerts when bad actors show up in those graphs.

The DevSecOps Skills Gap

Without baking in proper training and education, a new study suggests that the rush to adopt DevOps practices might be leading enterprises to an insecure place.

Security Report Details Top iOS, Android Vulnerabilities

Data from 12th annual WhiteHat Security study shows Android apps are plagued by incorrectly set backup flags, while many iOS apps allow unsecure cookies.

Apperian Update Targets Mobile App Security

Apperian updated its mobile application management platform with more functionality designed to boost the security of enterprise mobile app data.

Developers Again Blamed for Cloud Back-End Security Vulnerabilities

Developers are once again being blamed for cloud security vulnerabilities, this time in a new report from Appthority, which found terabytes of enterprise data exposed on cloud back-ends, including personally identifiable information.

Firm Says Untrained Developers Jeopardize Cloud Security

Developers lacking security training unknowingly jeopardize public cloud computing environments, says a new report from RedLock Inc.

Google's Fuzz Tester IDs Hundreds of Potential Open Source Security Flaws

The sorry state of open source security was further revealed by Google, which reported its fuzz testing tool has found hundreds of potential security vulnerabilities in the five months since it was launched.

Researchers: Open Android Ports Leave Millions Vulnerable

Researchers at the University of Michigan have published a paper in which they break new ground in investigating security implications of open Internet ports in Android applications, finding flawed apps that leave millions of users vulnerable to attack.

Open Source Security Audit 'Should Be a Wake-Up Call'

Black Duck report finds "widespread weakness in addressing open source security vulnerability risks."

Study Links Flawed Online Tutorials with Vulnerable Open Source Software

German researchers have published a paper finding that developers do indeed copy and paste code directly into their open source software, which can lead to the introduction of security vulnerabilities if that code comes from flawed online tutorials.

Java Watch 4/26/2017: New Java Trojans, Amazon SQS, Stanford CS Dept. Dropping Java, More

Here's a roundup of recent news and product announcements around Java and Java-related technologies.

Java Watch 4/12/17: CERT Security Warning, Deprecated Object.finalize, Updated Red Hat Tools

Here's a roundup of this week's news and product announcements around Java and Java-related technologies.

Ivanti Expands Datacenter Security Suite

It provides a "mitigation fabric" for server and hybrid cloud security that expands the company's security coverage from the endpoint to the datacenter,

Unpatched Java, Python Flaws Allow FTP Protocol Injection

Old vulnerabilities in both Java and Python that allow attackers to bypass firewalls and access local networks by injecting malicious commands inside FTP URLs resurfaced this week when two security researchers noticed that they remain unpatched.

BlackBerry Pivots to Secure Cloud Communications

Former smartphone manufacturer announced it's entering the Communications Platform-as-a-Service market, with an emphasis on security.

Another New Programming Language, This One for Security

Adding to the existing portfolio of some 700 programming languages is a new release candidate for Scramblecode, a security-oriented offering that encrypts everything from compilation to variables in memory.

Vulnerable Mobile, IoT Code Caused by 'Rush to Release' Says Security Report

Risks also result from an emphasis on end-user convenience over security and organizations' lack of urgency to address threats.

DevOps Security: Turn Security into Code

A presenter at the upcoming RSA security conference explains how security must be continuous and automated to be successful in DevOps.

Upcoming Events

AppTrends

Sign up for our newsletter.

I agree to this site's Privacy Policy.