Four cyber security risks not to be taken for granted
It’s pretty difficult to make information security predictions, and even more difficult to verify them afterwards: we can only judge the effectiveness of information …
programming
The hidden dangers of third party code in free apps
Research from MWR InfoSecurity has shown the various ways hackers can abuse ad networks by exploiting vulnerabilities in free mobile apps. When people install and use free …
Python Forensics
Author: Chet Hosmer Pages: 352 Publisher: Syngress ISBN: 0124186769 Introduction This book was touted as a “no-nonsense resource for the rapid development of new …
Software security in a market for lemons
There is little doubt that it’s difficult to develop secure software. First, you need to be aware of the need for security, accepting it as an important element of …
10 most significant software security design flaws
The IEEE Center for Secure Design, a cybersecurity initiative focused on the identification of software design flaws, released a report based on real-world data collected and …
Critical Delphi and C++Builder VCL library bug found
A buffer overflow vulnerability that could be exploited to execute malicious code has been discovered in the Visual Component Library (VCL) library of Embarcadero’s …
API security for connecting the enterprise cloud
In this interview, Don Bergal, COO at Managed Methods, answers questions regarding security around API based connections between an enterprise and the hybrid cloud. What …
New game sharpens secure coding skills
Today at Black Hat, Checkmarx launched Game of Hacks, a challenging game for software developers and security professionals to test their application hacking skills, improve …
Security contest rewards builders of secure systems
More often than not, computer security competitions come in the form of Capture The Flag (CTF) contests, and the emphasis is on breaking systems. This approach helps defenders …
Scan of Google Play apps reveals thousands of secret keys
A team of researchers from Columbia University has downloaded and decompiled over 880,000 applications found on Google Play, and has discovered – among other things …
NIST guidelines help developers build security in from the start
A new initiative by computer security experts at the National Institute of Standards and Technology (NIST) seeks to bring widely recognized systems and software engineering …
Code analysis and app security testing simplified
Quotium announced the release of Seeker Enterprise 3.0, whose innovative technology correlates application behavior with simulated hacker’s attacks to pinpoint …