Web App Vulnerabilities Flying Under Your Radar

Organizations could face big problems from seemingly small Web application vulnerabilities. The problem is, many of these bugs fly under the radar because they’re not considered severe. Shandon Lewis, senior Web application penetration tester at Backward Logic, discussed a few of these bugs in his presentation “Vulnerabilities in Web Applications That Are Often Overlooked” at…

How many adults trust companies with their personal data?

More than one third (36%) of adults aged 16–75 trust companies and organizations with their personal data more since GDPR came into effect one year ago, according to TrustArc. There are positive sentiments toward enforcement activity, and half (47%) of respondents have exercised some of their GDPR privacy rights. 57% of respondents are also more…

How to diminish the great threat of legacy apps

The Equifax breach underscored the risk posed by unpatched software applications. As a refresher, 146 million customer records were exposed after a known vulnerability in Apache Struts was exploited. The reality is enterprises are supporting an ever-growing number of applications, both commercial and homegrown, which has created many challenges in maintaining proper security patches for…

How mainstream media coverage affects vulnerability management

For better or for worse, mainstream media is increasingly covering particularly dangerous, widespread or otherwise notable security vulnerabilities. The growing coverage has made more people aware of the risks and of the need to keep their various devices (software) up-to-date and, with the increased digitization of our everyday lives, I would say that’s a definitive…

GDPR and the Cloud

New protections for consumers, such as the EU’s General Data Protection Regulation (GDPR), which is celebrating its first anniversary, and the new California Consumer Privacy Act (CCPA), provide consumers with added protections to ensure their privacy and prevent issues related to data theft or misuse. They do this by defining what is meant by personally…

Data Security: Think Beyond the Endpoint

INTEROP 2019 – LAS VEGAS – Endpoint security is a common concern among organizations, but security teams should be thinking more broadly about protecting data wherever it resides. “If you’re just focusing on device protection and not data protection, you’re missing a lot,” said Shawn Anderson, executive security advisor for Microsoft’s Cybersecurity Solutions Group, at…