Protecting Your Staff in Co-Working Spaces
Four walls, a sea of cubicles and the rest of the traditional office accoutrements are no longer standard in the working world. The number of innovative co-working spaces continues to rise around the world, and this doesn’t even include coffee shops, libraries and numerous other public places that offer free Wi-Fi. That means that your…
Mirror, Mirror: Using Self-Protection to Boost App Security
Last week while reading to my toddler, I came across the story of “Snow White,” in which the evil queen consults a magic mirror to find her greatest threat, the fairest person in the land. While my kid fell asleep — probably due to my effective storytelling technique — I kept thinking about why the…
Critical RCE Flaw Patched in PHPMailer
The developers of PHPMailer have patched a critical vulnerability that can be exploited by a remote attacker for arbitrary code execution, a researcher said on Sunday. With millions of installations, PHPMailer is considered the world’s most popular email creation and transfer class for PHP. It has been used by several major open-source projects, including WordPress,…
Is Bluetooth Security Good Enough for Your Most Sensitive Corporate Communications?
Most users take Bluetooth security for granted. When you’re enjoying the convenience of hands-free phone conversations, streaming podcasts in your car or jogging with your awesome new wireless headphones, do you need to worry about whether the communication channel is secure or not? What’s acceptable for consumers may not meet corporate standards. With a new…
A Year in Collaborative Defense With IBM Security App Exchange
IBM launched its IBM Security App Exchange at the tail end of 2015, so it has been live for almost a year now. We always thought the App Exchange had significant potential, but we’ve been blown away by its success with our customers and other security vendors. We now have security information and event management…
Cisco Resets Passwords on Careers Portal
Cisco last week prompted a password reset for the user accounts on its Cisco Professional Careers mobile website after a security researcher discovered a vulnerability in the portal. The networking giant decided to reset the user passwords to ensure that accounts are kept secure, and says that the issue would have resulted in exposing “a…
Lyft customers face potential hack from recycled phone numbers
Giving up an old cell phone number for a new one may seem harmless. But for Lyft customers, it can potentially expose their accounts to complete strangers. That’s what happened to Lara Miller, a media relations specialist living in California. Earlier this month, she discovered two credit card charges made in Las Vegas, over 400…
RASP rings in a new Java application security paradigm
Runtime Application Self Protection (RASP) is a next-generation cyber security technology designed to redress some of the weak points of application security. Unlike firewalls or code analysis, runtime-based technologies contain application data and contextual awareness, enabling them to be both precise and preemptive. In this article I introduce RASP. I’ll briefly compare RASP to other…