December 10, 2014 Major Websites Remain Vulnerable to POODLE Attack 3 min read - Many major websites are still vulnerable to the POODLE attack, which now works against certain Transport Layer Security (TLS) implementations.
December 9, 2014 Security Researchers: Google App Engine May Contain More Than 30 Vulnerabilities 2 min read - Holes in Google App Engine could allow third parties to access or steal information from the company's cloud-based service for hosting Web apps.
Software Vulnerabilities December 8, 2014 CVE-2014-0195: Adventures in OpenSSL’s DTLS Fragmented Land 7 min read - Here is a look at the remote code execution bug in OpenSSL's DTLS, how it works and the different ways cybercriminals might leverage it for exploitation.
Application Security December 4, 2014 SpoofedMe Social Login Attack Discovered by IBM X-Force Researchers 7 min read - IBM X-Force has found a social login attack that lets attackers intrude in many websites' local accounts and has alerted those affected by it.
November 18, 2014 Latest Shellshock Attack Uses Bashlite to Target Devices Running BusyBox 2 min read - The Shellshock vulnerability has spawned a new wave of attacks using Bashlite, a malware variant aimed at devices using BusyBox open-source software.
Cloud Security November 14, 2014 For a Cloud-First Strategy, Start With a Cloud Security-First Plan 5 min read - Cloud-first organizations should focus their attention on these 13 areas that will help them develop a sound cloud security strategy.
X-Force November 11, 2014 IBM X-Force Researcher Finds Significant Vulnerability in Microsoft Windows 6 min read - The IBM X-Force Research team has identified a significant vulnerability (CVE-2014-6332) in every version of Microsoft Internet Explorer since 3.0.
November 4, 2014 Security Leaders Claim Most Sites Using Drupal Have Been Hacked 2 min read - A flaw in the Drupal content management system may affect many websites, but security leaders have released some steps to help mitigate the risk.
Software Vulnerabilities October 28, 2014 Revelations in Data Protection in the Aftermath of Shellshock 3 min read - Sometimes less is more. But when it comes to data protection, more is definitely more, as proven by new research into the recent Shellshock vulnerability.
October 20, 2014 POODLE Attack Packs a Bite 2 min read - The innocuously named POODLE attack disclosed by security researchers at Google this week demonstrates the dangers of supporting obsolete technology.