70% of finance apps vulnerable to input validation attacks
A growing number of data breaches and security incidents can be directly linked to poor code quality, according to CAST. The data reveals finance and retail industry …
California phone kill-switch law could lead to abuse
On Monday, California Governor Jerry Brown signed into law a bill (SB 962) that will require any smartphone sold in the state after July 1, 2015, to include a software or …
10 most significant software security design flaws
The IEEE Center for Secure Design, a cybersecurity initiative focused on the identification of software design flaws, released a report based on real-world data collected and …
50 confirmed, possibly more Norwegian oil companies hacked
50 Norwegian oil and energy companies have been hacked, and 250 more have been warned to check their networks and systems for evidence of a breach, The Local reports. Among …
The synergy of hackers and tools at the Black Hat Arsenal
Black Hat USA 2014 recently welcomed more than 9,000 of the most renowned security experts – from the brightest in academia to world-class researchers and leaders in the …
New Chrome fixes 50 security issues, bug hunter gets $30k
Having implemented 50 security fixes, the Google Chrome team has pushed out a new stable version of the popular browser. The company hasn’t shared many bug details since …
Former HHS cyber security director convicted for child porn
The former acting director of cyber security at the U.S. Department of Health and Human Services was convicted by a federal jury in the District of Nebraska of engaging in a …
470 million sites exist for 24 hours, 22% are malicious
Blue Coat researchers analyzed more than 660 million unique hostnames requested by 75 million global users over a 90-day period. They found that 71 percent of the hostnames, …
Cellphone surveillance systems can track almost anybody
The surveillance tech industry is booming, and we should be worried about it. Poorly regulated and exceedingly secretive, the companies that create surveillance solutions for …
NSA’s metadata search engine used by US, foreign agencies
The NSA has secretly built a “Google-like” search engine to be used by various US government agencies and intelligence agencies of the Five Eyes countries to sift …
Researchers warn about schemes that lead to FlashPack exploit kit
Security researchers have spotted two different online schemes that lead to pages hosting the FlashPack exploit kit. The first one relies on users visiting a compromised …
Facebook to fix flaw that can force iPhones to make calls
Facebook will soon be pushing out an update to its iOS Messenger app meant to patch a vulnerability that could allow attackers to place pricy calls from users’ phones by …
Featured news
Resources
Don't miss
- Henkel CISO on the messy truth of monitoring factories built across decades
- The hidden dynamics shaping who produces influential cybersecurity research
- UTMStack: Open-source unified threat management platform
- LLMs are everywhere in your stack and every layer brings new risk
- Building SOX compliance through smarter training and stronger password practices