The impact of the Drupal fiasco is still being felt across all industry sectors. The world’s third biggest CMS platform was compromised with arguably the oldest hacking technique in existence – the SQL injection (SQLi). While the Drupal 7.32 update has resolved this specific problem, SQL injections won’t really go away until they are treated from the
Doing security the right way demands an army – of developers, security teams, and the tools that each uses to help create and maintain secure code. With the increasingly important mindset of creating quality, secure code from the start, we’ve seen a greater shift towards the adoption of tools designed to detect flaws as
IT managers today are faced with many tasks and not enough time to complete them all. While these individuals are primarily tasked with ensuring that their top developers efficiently write code lines, they are also often regarded as the responsible parent in charge of maintaining application security. Given that web applications often entail the transfer
Samsung is currently topping sales charts worldwide with a wide range of Android-powered phones catering to virtually all market segments. This mass distribution of mobile devices has magnified the importance of creating secure mobile applications. Unfortunately, a CSRF loophole has been found in one of the South Korean phone manufacturer’s proprietary applications.
What’s the Deal with Drupal? Another month, another apocalypse-summoning security catastrophe – and October was no different. Just over two weeks ago, the security team behind Drupal’s free and open-source CMS released an ominous security advisory that shocked many in the security industry. The advisory, SA-CORE-2014-005, informed users that an SQL injection flaw in all