Join us at RSA conference 2019  San Francisco, March 4-8

The Hacking of the Fridge & Other AppSec Stories This Week

This week saw some interesting developments in the AppSec department. For starters, in what’s been already been widely reported to be the year of the ‘Internet of Things‘, the first botnet that included internet-connected refrigerators and TV’s was discovered. We also found out that the malware stealing data off of Target’s POS systems was designed

Read More ›

6 Stories To Know This Week: Weekly AppSec Digest

This past week in AppSec we’ve seen more of the same with some new twists: Snapchat, perhaps unsurprisingly, got hacked after neglecting vital vulnerabilities, Cryptolocker has spawned a new demon, the Syrian Electronic Army went after Skype and the NSA is (also unsurprisingly) trying to build a quantum computer that could decrypt anything. Take a few minutes to

Read More ›

This Week in AppSec: December 23–29, 2013

Christmas week did not exactly bring out the best in some this year – especially when it came to breaches and vulnerabilities. Between Target’s mess of 40M customer records breached, Snapchat’s security fail, Samsung’s vulnerability and Dogecoin’s first hack on Christmas Day, the last full week of 2013 was not Application Security’s best. Let’s take

Read More ›

Smile, Your Webcam Has Been Hacked

There was a time when hacking involved only stolen data and information. But intruders are always looking for new ways to invade your privacy. The latest trend in the hacking circles involves the enabling of Apple’s MacBook iSight camera while the indicator light is still off, capturing stills without the victim’s knowledge.

Read More ›

4 Innovations Alan Turing Contributed To Computer Science (And The World In General)

“Can machines think?” Or “can machines do what we (as thinking entities) can do?” Eerie questions to ponder, especially in these tech-forward days with drones that hack other drones mid-air, robots that move like animals, and whatever new thing Apple comes out with. But it’s a question that was first posed to the world 77

Read More ›

Faux Google SSL Certificates Issued By Finance Ministry in France

Google spoke out this week after security engineers discovered fake SSL certificates linked to a French government agency earlier this month. On December 3rd, security engineers found that a government agency in France was using unauthorized digital certificates on various Google domains, including Gmail, which allowed the agency to act as man-in-the-middle of private domains

Read More ›

Cache of 2 Million Account Details For Facebook, Google, Yahoo Users Discovered

Some two million accounts on several of the most widely visited social media networks, email providers and websites were just discovered on a server with a bogus IP in the Netherlands. Hackers stole login usernames and passwords for Facebook, LinkedIn, Google, Twitter and various other popular sites.

Read More ›

CISO’s: Pre-Planning Your Application Security Program

Application Security is never a ‘one-and-done’ deal. It is ongoing, ever-evolving, and its’ centrality in organizations ever-growing. As technology’s scope and complexity increases, the emphasis on application security needs to grow as well; No matter which stage you are in the maturity model, application security is a constant in your approach.

Read More ›

This Week In Application Security News: Nov. 25 – Dec. 1

Winner of the ‘Worst Week’ award goes to James Howells, who this week realized he threw away a hard drive with 7,500 Bitcoins worth over $7.5 million in current BTC value. Read about his million dollar fumble, the still-unfolding Vodafone breach, new NSA snooping and more in this week’s edition of The Week in AppSec.

Read More ›