Applications support organizations' most strategic business processes and access their most sensitive data. Yet application security continues to receive less budget and attention than network security.
Why is this? It can't be for lack of awareness? Weekly headlines remind security experts and business leaders...
Security teams need to plan and prepare for a consistent security and compliance posture across a larger, more fluid ecosystem in the cloud. To cover the additional attack surface, it's important to know all the nooks and crannies, and what operates within them. One of these operators are the App Dev teams that...
The IcedID banking Trojan has been updated with additional evasion techniques, including a password-protected attachment, keyword obfuscation and a DLL file that acts as a second-stage downloader, according to Juniper Threat Labs.
Two critical, zero-day vulnerabilities affecting Internet Explorer and multiple versions of the Windows operating system are being exploited in the wild, Microsoft and the U.S. Cybersecurity and Infrastructure Security Agency warn, urging prompt patching.
Qualcomm is prepping patches for its Snapdragon Digital Signal Processor, used in an estimated 1 billion or more Android devices, after researchers at Check Point counted 400 flaws that attackers could exploit to take control of devices and steal all data they store.
Gaining insights from your data requires more than collecting and analyzing metrics and logs. With the acceleration of customer and business demands, site reliability engineers and IT Ops analysts now require operational visibility into their entire architecture, something that traditional APM tools, dev logging...
Application container technology is revolutionizing app development, bringing previously unimagined flexibility and efficiency to the development process. A good monitoring solution is necessary for dynamic, container-based environments to unify container data with other infrastructure data - only then can you gain...
The latest edition of the ISMG Security Report analyzes the hijacking of a virtual court hearing in the Twitter hacking case. Also featured: Why network segmentation is more important than ever; update on Windows print spooler vulnerability.
Manage application security with a comprehensive toolkit.
Apps are a primary target for hackers. If you don't have tools to help you find and fix application vulnerabilities, you're leaving yourself exposed.
But what tools do you need? There's a wide array of application security tools on the market to help you...
Open source use isn't risky, but unmanaged use of open source is.
Open source software forms the backbone of nearly every application in every industry. Chances are that includes the applications your company develops as well. If you can't produce an accurate inventory of the licenses, versions, and patch status of...
Does your organization do software development in-house? If you'd like to learn more about application security but don't know where to start, this white paper will arm you with development and security fundamentals.
Inside you'll find:
Key concepts, terminology, and why DevSecOps and cloud development matters
The...
Benchmarking can help you get a new software security initiative off the ground or better navigate an existing one. It is different from other measurement techniques because it focuses on excellence, includes detailed comparisons, and pools confidential information among numerous organizations.
To get you started in...
Adobe Flash Player, which has been patched hundreds of times during its lifetime to address vulnerabilities, will no longer be supported after Dec. 31, leaving an attack vector that can be exploited by malicious actors unless it's removed. That's why eliminating all instances of Flash Player is so urgent.
Mobile banking startup Dave is just the latest victim of criminal data brokers. Extensive evidence now points to Dave having been hit by a ShinyHunters, which has been tied to the sale of millions of stolen records to fraudsters - either via a phishing attack or hack of a third-party service provider.
Mobile-only banking app Dave has suffered a data breach that exposed personal details for at least 3 million users. But the fintech startup says no account information was exposed, and there are no signs of fraud. Dave says the incident traces to credentials stolen from Waydev, a third-party service provider.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.eu, you agree to our use of cookies.