April 28, 2015 WordPress Vulnerability Lets Cybercriminals Insert JavaScript Code via Comments Field 2 min read - A researcher says cybercriminals could exploit a WordPress vulnerability that uses JavaScript in blog comments to cause cross-site scripting attacks.
Application Security April 28, 2015 Software Defenses to OWASP’s Top 10 Most Common Application Attacks 6 min read - Software developers must learn how to build security in from the ground up to defend against the most common application attacks, as determined by OWASP.
April 27, 2015 New iOS 8 Vulnerability Taps Worrisome Wi-Fi Exploit 2 min read - A new type of iOS 8 vulnerability combines WiFiGate and an SSL compromise to cripple iPhones, according to mobile security firm Skycure.
April 23, 2015 Vulnerability in Magento Could Have Exposed 200,000 E-commerce Sites to Attack 2 min read - A vulnerability in Magento — the e-commerce platform owned by eBay — was patched but could have left more than 200,000 sites exposed to cybercriminals.
Fraud Protection April 21, 2015 Taking Evasive Actions Against Cyberfraud 2 min read - Cybercriminals are investing time and effort to improve their cyberfraud techniques in order to evade detection by security researchers and solutions.
Software Vulnerabilities April 21, 2015 CVE-2015-1097: Deobfuscating iOS Kernel Pointers With an IBM X-Force-Discovered Vulnerability 4 min read - IBM's X-Force Application Security Research Team has discovered a memory disclosure vulnerability in iOS IOKit IOMobileFrameBuffer.
April 17, 2015 Dropbox Bounty: Big Bucks for Bugs? 2 min read - The new Dropbox bounty program looks to catch software vulnerabilities in their infancy by rewarding researchers. So far, payouts have no maximum.
April 17, 2015 SearchBlox Vulnerabilities Underscore the Importance of Updating Enterprise Search Tools 2 min read - A set of four SearchBlox vulnerabilities could allow cybercriminals to conduct cross-site scripting attacks and cause other potential problems.
April 16, 2015 Bee in Your Botnet: AAEH Disrupted by Law Enforcement Sting 2 min read - A joint international task force has disrupted the Beebone botnet (AAEH), but are users really safe from this type of polymorphic malware?
April 15, 2015 Redirect to SMB Vulnerability: 18-Year-Old Flaw Morphs Into Huge Threat to Windows Machines 2 min read - Researchers say an old SMB vulnerability in Windows can be used to steal login credentials and take over some systems entirely using malicious URLs.