Application Security Archives - Page 29 of 29

IBM deploys machine learning to bolster online banking security program

Issued by: CIO Security

Behavioral biometrics that uses machine learning is behind new features being added to IBM’s Trusteer Pinpoint Detect platform, which financial institutions use to head off crooks who may have stolen the username and password of legitimate account holders. The new feature looks for anomalies between legitimate users’ normal mouse gestures and those of the current…

Application Security, Vulnerabilities

Cisco Patches 9 Flaws in Email Security Appliance

Issued by: Security Week

The most serious, rated “high severity,” are three DoS flaws in the AsyncOS software for Cisco ESA. The security holes, tracked as CVE-2016-6356, CVE-2016-1486 and CVE-2016-1481, allow a remote, unauthenticated attacker to cause a DoS condition on affected devices using specially crafted emails and malicious attachments. CVE-2016-1481 and CVE-2016-6356 affect AsyncOS versions 8.0 and prior,…

Application Security

Lyft customers face potential hack from recycled phone numbers

Issued by: CIO Security

Giving up an old cell phone number for a new one may seem harmless. But for Lyft customers, it can potentially expose their accounts to complete strangers. That’s what happened to Lara Miller, a media relations specialist living in California. Earlier this month, she discovered two credit card charges made in Las Vegas, over 400…

Application Security, Software Security

5 apps for encrypting and shredding files

Issued by: CSO

While safeguarding personal and business data has always been important, the necessity for maintaining digital privacy has become even more vital as more of our records are digitized. People are starting to realize that passwords alone aren’t enough. Even with password protection, anything on your computer can potentially be viewed by an enterprising hacker. And…

Application Security, Malware & Threats

Week in review: DNS DDoS, Linux kernel zero-day, VeraCrypt audited

Issued by: Help Net Security

Here’s an overview of some of last week’s most interesting news, reviews and articles: Dirty COW Linux kernel zero-day exploited in the wild is now patched Linux developer Phil Oester has spotted attackers exploiting a Linux kernel zero-day privilege escalation flaw that dates back to 2007, and has raised the alarm.

Application Security

RASP rings in a new Java application security paradigm

Issued by: CIO Security

Runtime Application Self Protection (RASP) is a next-generation cyber security technology designed to redress some of the weak points of application security. Unlike firewalls or code analysis, runtime-based technologies contain application data and contextual awareness, enabling them to be both precise and preemptive. In this article I introduce RASP. I’ll briefly compare RASP to other…

Application Security, Mobile Security

Intel asserts its trademark rights against John McAfee

Issued by: CIO Security

Intel does not object to John McAfee using his personal name in connection with his business, but it objects to the use by the maverick entrepreneur and security expert of the McAfee trade name and trademark in a way that could confuse or deceive consumers or dilute the brand. The issue came up when John…

Application Security, Vulnerabilities

Most would stop using digital payments if breached

Issued by: Help Net Security

88% of respondents to a survey conducted by Wakefield Research would stop using digital payments if they personally fell victim to cybercriminal activities as a result of a data breach. Respondents said that they would discontinue use of digital payments if: Money was stolen from a linked bank account – 70% Unauthorized charges appeared on…

Application Security, Vulnerabilities

Breaking the OODA Loop!

Issued by: Security Week

The OODA loop is a well established concept often used in security which originated in the military. OODA stands for Observe, Orient, Decide, Act. OODA is an iterative process because after each action you need to observe your results and any new opposing action. The idea is that if you can consistently get to the…

Application Security, Network Security

Video: Take Back Control of Your Information Security

Issued by: IKANOW

The numbers are staggering. PWC reported there were 60 million information security attacks on enterprises last year and CyberEdge Group found over 70% of all companies were breached. The attack surface has expanded rapidly as the number of managed devices increased another 72% over 2014 according to Cisco. According to IBM and CSO, the typical…