Application Security

Application security news, trends, analysis and practical advice

microsoft stock campus building
0 shadow it intro

code programming software bugs cybersecurity

JavaScript-based attack simplifies browser exploits

Researchers have devised a new attack that can bypass address space layout randomization (ASLR) in browsers and possibly other applications.

161214 apple newyork

What happens when tech companies make television shows

Short version: It's not good. Apple's Planet of the Apps is not exactly popcorn-friendly.

20151027 oracle cloud on building 100625234 orig

Oracle patches raft of vulnerabilities in business applications

Oracle released its first batch of security patches this year fixing 270 vulnerabilities, mostly in business-critical applications.

Black Hat 2015

The CSO guide to top security conferences

CSO Online’s calendar of upcoming security conferences makes it easy to find the events that matter the most to you.

adobe systems headquarters san jose

Adobe patches critical flaws in Flash Player, Reader and Acrobat

Adobe Systems released security updates for its Flash Player, Adobe Reader and Acrobat products fixing critical vulnerabilities that could allow attackers to install malware on computers.

adobe systems headquarters san jose

Adobe patches critical flaws in Flash Player, Reader and Acrobat

Adobe Systems released security updates for its Flash Player, Adobe Reader and Acrobat products fixing critical vulnerabilities that could allow attackers to install malware on computers.

code programming software bugs cybersecurity

This tool can help weed out hard-coded keys from software projects

A security researcher developed a tool that can automatically detect sensitive access keys that were hard-coded inside software projects.

Badlock vulnerability logo

Google researchers help test cryptographic flaws

Security experts from Google have developed a test suite that allows developers to find weaknesses in their cryptographic libraries and implementations.

adobe systems headquarters san jose

Adobe fixes critical flaw in Flash Player

Adobe Systems released security updates for several products, including one for Flash Player that fixes a critical vulnerability that's already known and exploited by attackers.

1 working

Common security mistakes in collaboration tools

Collaboration tools have become all the rage, but has your IT department closed all security gaps.

Android statues

Remote management app exposes millions of Android users to hacking

Poor implementation of encryption in a popular Android remote management application exposes millions of users to data theft and remote code execution attacks.

Adobe Flash player v10 icon

Adobe fixes flaws in Flash Player and Adobe Connect

Adobe Systems released security patches for its widely used Flash Player software as well as its Adobe Connect web conferencing platform that's popular in enterprise environments.

security thinkstock

Flaw in Intel CPUs could help attackers defeat ASLR exploit defense

A feature in Intel's Haswell CPUs can be abused to reliably defeat an anti-exploitation technology that exists in all major operating systems, researchers have found.

00 intro devops

7 ways DevOps can benefit CISOs and their security programs

Many organizations are regularly pushing out tens if not hundreds of releases and updates on a daily basis. With help and guidance from the security team, organizations can push secure releases on the first try and save lots of money...

security padlock on keyboard locked computer stock

Adobe fixes critical flaws in Flash Player and Digital Editions

Adobe Systems has fixed over 30 vulnerabilities in its Flash Player and Digital Editions products, most of which could be exploited to remotely install malware on computers.

microsoft headquarters

Microsoft bug bounty program adds .NET Core and ASP.NET Core

Microsoft has expanded its bug bounty programs to cover its open-source .NET Core and ASP.NET Core application development platforms.

todd mckinnon oktane15

Okta's API access product targets the trend toward services

Okta changed key parts of its product portfolio to attract new users to its corporate identity management and access control platforms.

hacker hacked unsecure theft passwords

Forget two-factor authentication, here comes context-aware authentication

The stakes are high and cloud vendors know it. Is context-aware authentication the next safety net?

Load More