This guest post is by application security professional Dave Ferguson. Keep up with Dave’s posts on his blog! There’s a shortage of application security experts. Hackers seem to continually have the upper hand over those trying to defend applications against threats. One reason is that software has become so prevalent; this trend will only continue
It’s no secret that Google has become the most dominant platform on the web, providing virtually all types of online services. Although not publicized enough by the company, there are ways to reduce Google’s presence in your workspace and boost your privacy/security. The controversial change that caused a stir worldwide was the merging of Gmail
This week, NBC got called out for a slightly exaggerated report of hacking in Sochi (hint: they weren’t even in Sochi); SnapChat got hit with another vulnerability report; Target was hacked via their A/C and heat guys and more. Here’s a short n’ sweet version of the week’s news you may have missed.
The notorious hacker group Syrian Electronic Army (SEA) is stirring up trouble again, this time with Facebook. Overnight, the group claimed to pwn the Facebook.com domain, posting a screenshot of the WHOIS info on its Twitter. ‘Happy Birthday Mark,’ the tweet taunted, referring to Facebook’s recent 10th birthday. The registrant data indeed reflected that the
After discovering a previously unknown remote exploit, Adobe Systems, Inc. has released a critical security patch for Flash Player. They are urging all users to download the latest version as soon as possible. The security bulletin said that the updates are meant to address a critical security vulnerability that would allow a malicious attacker to remotely
A full plate of social engineering, another serving of Syrian Electronic Army mischief and a dessert course of ChewBacca malware made the security menu this week. It was the week we learned about how far one will go to keep and to steal a monosyllable Twitter handle, what grudge the SEA holds against PayPal and
A company that manages some of the biggest name brand hotel franchises across the U.S., including Hilton, Westin, Marriott and Sheraton, has apparently been dealing with a potential data breach where thousands of guests’ credit card data was stolen over a period of at least nine months.
We’re already well-informed of just how far-reaching the NSA’s data-tapping techniques are, but newly published leaks have taught us more methods to the NSA-madness. According to new documents furnished by Edward Snowden, the NSA and British counterpart GCHQ have been tapping into commercial data troves collected by popular smartphone apps like Angry Birds and Google Maps
Each new technology seems to emerge together with exploitable baggage. Speech recognition, for example, is being used in rising technologies from Siri to smart homes and is evolving quickly. While speech recognition has the potential to make life much easier and quicker, like any technology it comes with flaws. In this case, a Chrome browser exploit
Each year, hundreds of hackers gather in computer labs around the world. Their goal? Like any other hackers, their goal is to manually exploit application and network level flaws in servers across the globe. If it sounds malicious, it’s just because it mimics real world vulnerability exploitations that happen every day. In fact, this specific