Open-source software projects continue to struggle with handling sensitive information, according to automated scans of hundreds of millions of commits to code repositories. Software-security toolmaker DeepCode found that four of the seven vulnerability classes with the greatest impact on the security of software projects had to do with failures to protect data. The categories of…

The latest edition of Veracode’s annual “State of Software Security” study released this week shows that many enterprise organizations are at increased breach risk because of aging, unaddressed application security flaws. Veracode recently analyzed data from application security tests on more than 85,000 applications and found that, on average, companies fix just 56% of all…

We always recommend downloading Android apps from official stores and nowhere else. But that doesn’t mean there are no viruses in Google Play. It is true, however, that you’ll find fewer of them in the official store than on third-party sites, and they get removed on a regular basis. How Google monitors the security…

In April 2018, following the Cambridge Analytica scandal, Facebook announced the launch of a bug bounty program focusing on the misuse of private information. The social media giant has been offering between $500 and tens of thousands of dollars for reports of apps that collect and transfer personal data. This program has now been expanded…

Enterprise organizations are scanning more applications for security vulnerabilities than ever before, but, troublingly, they are remediating fewer of their discoveries because of the sheer volume. As it has for the past 13 years, WhiteHat Security recently analyzed data from the results of application security tests the company performed at customer locations last year. The…

Financial services organizations are increasingly exposed to cyber threats, according to Wandera. The report, “Mobile Security in the Financial Services,” includes analysis of six months of security data from 225 financial services customers with 50,000 devices collectively under management. Notable findings: There were 4.7 million events across the subset of devices analyzed over the 6-month…