Application Security May 4, 2017 Taming the Open Source Beast With an Effective Application Security Testing Program 4 min read - Application security testing is the only way to prevent open source vulnerabilities from becoming a huge problem in the enterprise.
April 18, 2017 Punycode Enables Invisible Phishing Attacks 2 min read - Security researcher Xudong Zheng discovered a vulnerability in several popular web browsers that could enable fraudsters to mask phishing attacks.
April 17, 2017 Magento Vulnerability: Cybercriminals Drawn to E-commerce Exploit 2 min read - A newly released Magento vulnerability comes with serious risk of total e-commerce compromise. Here's what businesses and shoppers need to know.
March 22, 2017 Burgeoning Bug Bounty Programs Up the Ante 2 min read - Bug bounty programs are now paying out more to white-hat hackers, but they're also tightening regulations on payments and structure.
March 14, 2017 Got SAP HANA? Your Calendar Just Filled Up With Zero-Day Critical Vulnerabilities 3 min read - SAP HANA customers should invest in an active threat monitoring and detection solution, meaning SAP-specific threat vector detection.
March 7, 2017 Widespread Bug Bounty Program Could Help Harden Open Source Security 2 min read - As part of HackerOne's effort to improve open source security, the vulnerability disclosure firm made its bug bounty program available for free.
March 7, 2017 Wireshark Squashes Bugs With New Network Protocol Analyzer Update 2 min read - The Wireshark development team addressed dozens of vulnerabilities, segmentation flaws and bugs with the latest version of its network protocol analyzer.
March 6, 2017 DblTek GoIP GSM Gateways Have a Backdoor Password 2 min read - DblTek GSM gateways have a hidden backdoor password that allows root shell access. How can users protect themselves from this vulnerability?
Software Vulnerabilities March 6, 2017 Cheap Shock: Why Shellshock Is Still a Thing 2 min read - Although security researchers discovered Shellshock more than two years ago, it remains popular among fraudsters with basic skill sets and light wallets.
February 27, 2017 Linux Update Fixes 11-Year-Old Flaw 2 min read - A recent Linux update patched a vulnerability that enabled fraudsters to use heap spraying methods to execute arbitrary code and escalate permissions.