Improving software security through a data-driven security model
The current software security models, policies, mechanisms, and means of assurance are a relic of the times when software began being developed, and have not evolved along …
Twitter paid out $322,420 in bug bounties
Researchers have proven that bug bounties are a cheaper way for discovering vulnerabilities than hiring full-time bug hunters would be and, in the last few years, many …
The future of Identity Management: Passwords and the cloud
Compromised credentials are still the cause of almost a quarter of all data breaches, according to the Cloud Security Alliance. With a surge in cybercrime, it’s no wonder that …
65 million Tumblr users’ email addresses, passwords sold on dark web
Email addresses and hashed and salted passwords of 65 million Tumblr users are being sold online by “peace_of_mind,” aka “Peace”, the individual that …
Global profiles of the typical fraudster
Technology is an important tool to help companies fight fraud, but many are not succeeding in using data analytics as a primary tool for fraud detection. Meanwhile, fraudsters …
Check Point finds dangerous vulnerabilities in LG mobile devices
Check Point found two vulnerabilities which can be used to elevate privileges on LG mobile devices to attack them remotely. These vulnerabilities are unique to LG devices, …
Hacker imprisoned for stealing Bitcoin, selling botnet on Darkode
A Louisiana man was sentenced to 12 months and one day in prison for using a computer to steal money, hacking computers to obtain passwords, and attempting to sell information …
Payment Application Data Security Standard 3.2 released
The PCI Security Standards Council (PCI SSC) published a new version of its data security standard for payment software, the Payment Application Data Security Standard …
Five tips to avoid getting hit by ransomware
Ransomware has emerged as the predominant online security threat to home users and small businesses. Delivered through spam or phishing emails that trick users into clicking …
SANS maps SAP cybersecurity to the CIS Critical Security Controls list
The CIS Critical Security Controls are a set of internationally recognized standards outlining the most important cyber hygiene actions that every organization should …
Growing advanced threats will augment the IT security market through 2020
Research analysts are forecasting positive growth for many segments of the global IT security market over the next four years as several markets including BYOD security, …
Week in review: API security, keyloggers disguised as USB device chargers, online tracking
Here’s an overview of some of last week’s most interesting news and articles: Faulty TLS implementation opens VISA sites, users to attack A group of researchers …