Security News


Study: Open Source Software Contributes to Mobile App Vulnerabilities

A new study examined hundreds of popular Android apps for security vulnerabilities, finding that the improper use of open source software puts organizations and users at risk.

Appdome Updates Mobile Security Offerings

The company boosted the capabilities of its code obfuscation product and unveiled man-in-the-middle attack protection.

Java SE Patches in Latest Oracle's CPU Mark a 12-Month Low

This CPU includes eight new Java SE patches, which is a 75 percent drop from a 30-month high set in July 2017.

Report: Unsecured Firebase Mobile Databases Leaking Enterprise Data

Cloud developers still aren't securing their data stores, a new report claims, resulting in the exposure of private enterprise information stored in Firebase, Google's mobile back-end platform.

Okta Releases Free 'API for One App' for Single App Security

On Wednesday identity cloud security provider Okta Inc. announced the launch of API Products for One App, an API-based tool for authenticating single Web sites and applications.

Java-Based Cloud Provider Jelastic Adds Cloud Security Features

Cloud hosting platform provider Jelastic has released a new version of Jelastic Shield, with which the company adds a number of security enhancements to its evolving PaaS/IaaS platform.

Firms Team Up for No-Code Mobile Anti-Bot SDK Integration

Mobile app integration specialist Appdome has entered a partnership to provide smoother implementation of the F5 Networks Anti-Bot SDK to protect mobile apps.

IoT Security Spending Reaching $1.5 Billion This Year and Growing: Gartner

Providing security for IoT devices is getting expensive and will become costlier, according to a Gartner report released in March. IoT security spending will reach $1.5 billion in 2018, up from $1.2 billion in 2017, a 28 percent increase.

AWS Boosts Encryption for Amazon DynamoDB, its NoSQL Database Service

Amazon Web Services added encryption-at-rest to Amazon DynamoDB, increasing security options for its NoSQL cloud database service in the wake of publicized wide-open data stores found on the cloud platform.

New 'Virtual Patch' Targets Java, .NET Vulnerabilities

Waratek announced a new security tool for Java and .NET applications that uses virtualization to quickly apply patches for long-term and newly discovered vulnerabilities.

Oracle's First CPU of 2018: Smallest Since Last April, Except for Java

Oracle's first Quarterly Critical Patch Update of 2018 provided fixes for 237 vulnerabilities across its product lines, including patches for 21 security holes in the Java Platform Standard edition (Java SE), 18 of which are remotely exploitable without authentication.

Developing an IoT Nightmare: My Smart Fork Ate My Data

Dr. Ben Zorn, co-manager of Microsoft's Research in Software Engineering group, wonders if the smart fork you are using to eat your spaghetti could be hacked.

Security Firm: Top 3 Mobile Malwares Target Android

The latest report from security firm Check Point Software Technologies Ltd. identifies the top three mobile malware threats -- which all run on Android.

Google Cracks Down on Android App Info Collection

Google' Safe Browsing team has expanded the enforcement of the company's Unwanted Software Policy, promising to flag Android apps in Google Play that collect personal information about users without their consent.

Java Developers Aren’t Applying Security Patches, Report Finds

A new report from application security vendor Veracode paints an unflattering picture of Java developers, finding 88 percent of Java applications contain at least one vulnerable component.

Study Examines Open Source Risks in Enterprise Software

Amid increasing reports of cyberattacks and data breaches, open source security company Flexera has published the results of a study examining the risk of using vulnerable open source code in enterprise applications and systems.

Oracle's Latest CPU: Nearly Two Dozen Fixes for Java SE

More than 90 percent of the vulnerabilities can be exploited remotely without authentication; about 60 percent can allow attackers to perform remote denial-of-service attacks; and more than 72 percent of these vulnerabilities can be easily exploited, because their attack complexity is low.

Google Offers $1,000 Bug Bounties for Android Store Apps

To improve the security of Android apps offered in the Google Play store, the search giant has launched a bug bounty program to award $1,000 to hackers who discover bugs in select, popular apps and work with developers to fix them.

Adobe Flash Security Vulnerability Currently Being Targeted by Attackers

Attack campaigns are currently being waged against the latest Adobe Flash security hole, the company announced on Monday.

Flaw Found in WPA2 Wireless Networking Security Protocol

WPA2, the gold-standard protocol for protecting Wi-Fi networks, has been found to have a serious security vulnerability.

Most   Popular
Upcoming Events

AppTrends

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.