The “smart” home appliances we all are letting into our lives are getting “smarter”. This isn’t a movie plot, nor is it a scientific experiment. Security provider Proofpoint estimates that over 750,000 phishing and spam emails have already been sent out by infected fridges, televisions and other appliances.
Breaches seem to be hitting every country across every industry these days. This week was no better. Not only did the biggest craft store in the U.S. disclose a breach affecting an unknown number of credit card users, but nearly 40% of South Koreans as well as 16 million Germans are dealing with the affects
The results are out. SplashData, a leading password management application provider, has released its annual list of 25 most common passwords found on the net. The list was compiled with the help of data files consisting of millions of stolen passwords, published by leading hackers on the net.
Each new technology seems to emerge together with exploitable baggage. Speech recognition, for example, is being used in rising technologies from Siri to smart homes and is evolving quickly. While speech recognition has the potential to make life much easier and quicker, like any technology it comes with flaws. In this case, a Chrome browser exploit
Each year, hundreds of hackers gather in computer labs around the world. Their goal? Like any other hackers, their goal is to manually exploit application and network level flaws in servers across the globe. If it sounds malicious, it’s just because it mimics real world vulnerability exploitations that happen every day. In fact, this specific
App security has become a sensitive topic as more and more private information is being shared by users. Even minor vulnerabilities can be exploited and used to harvest sensitive data for criminal or commercial purposes. The latest high-profile loophole was exposed in the Starbucks iOS app. The vulnerability was found by Daniel E. Wood, a
Lovers of the “Terminator” movie series surely remember how John Connor used his cool “binary code gadget” to hack into his local ATM machine. Technology has changed a lot since the early nineties, but hackers are still milking ATMs using malware-loaded USB drives. It’s estimated that millions of dollars have already been stolen in Europe
This week saw some interesting developments in the AppSec department. For starters, in what’s been already been widely reported to be the year of the ‘Internet of Things‘, the first botnet that included internet-connected refrigerators and TV’s was discovered. We also found out that the malware stealing data off of Target’s POS systems was designed
The underground Android application market is booming. More and more pirated games are available for direct download on the net. One such game, the cloned Minecraft PE, is causing extensive damage all across the globe. Users of the Trojanized version are advised to uninstall the game immediately. The temptation is irresistible for any hardcore gamer. When costly games
This post is based on our AppSec How-To Paper on Achieving Security in DevOps, which you can access here. In DevOps, when you’re deploying hundreds, possibly thousands, of features and bug fixes a week, security cannot afford to be an afterthought. The beautiful thing about DevOps is that it’s a process that continues to get more